Create and maintain firewall configuration standards.
Consider placement of DMZ and firewalls.
Restrict inbound/outbound traffic.
Develop network diagrams.
Change all vendor default passwords.
Develop and implement configuration standards for all system components.
Remove unnecessary functionality.
Data retention and disposal policy.
Do not store sensitive authentication data after authorisation, including the security code (CVV2 etc.), magnetic stripe (track 1/track 2), or the personal identification number (PIN) or encrypted PIN block.
Mask the PAN when displayed.
Render the PAN unreadable anywhere it is stored.
Document key management processes and procedures for keys used for the encryption of cardholder data.
Applies to transmission of...