The Payment Card Industry Data Security Standard (PCI DSS) is a worldwide information security standard defined by the Payment Card Industry Security Standards Council. The standard was created to help organizations that process card payments, prevent credit card fraud through increased controls around data, and its exposure to compromise. The standard applies to all organizations, which hold, process, or exchange cardholder information from any card branded with the logo of one of the card brands. The main requirements are as follows:
Install and maintain a firewall configuration to protect cardholder data
Do not use vendor-supplied defaults for system passwords
Protect stored cardholder data
Encrypt transmission of cardholder data across open, public networks
Use and regularly update anti-virus software
Develop and maintain secure systems and applications
Assign a unique ID to each person with computer...