White Paper
Core Payment Card Industry
(PCI) Requirements for
Windows and Active Directory®
www.netpro.com
Table of Contents
Core Payment Card Industry (PCI) Requirements for Windows and Active Directory®
Why Comply?
Core PCI DSS Requirements
Ensuring PCI Compliance
Protect stored cardholder data
Ensure proper user authentication and password management
Do not use vendor-supplied defaults for system passwords and other security parameters
Establish a process for linking all access to system components to each individual user
Implement automated audit trails for all system components to reconstruct various events
Ensure that all system components and software have the latest vendor-supplied security patches installed
Encrypt transmission of cardholder data across open, public networks
The NetPro Solution