Payment Card Industry (PCI) security standards are minimum requirements for protecting your customers' payment card information.
PCI compliance is required for all merchants that store, transmit, or process payment card information.
Visual Click's products can help keep your organization in compliance with these PCI regulations.
7.1 Limit access to system components and cardholder data to only those individuals whose job requires such access.
7.2 Establish a mechanism for systems with multiple users that restricts access based on a user´s need to know and is set to “deny all” unless specifically allowed.
8.1 Assign all users a unique ID before allowing them to access system components or cardholder data.
8.5.1 Control addition, deletion, and modification of user IDs, credentials, and other identifier objects.
8.5.3 Set first-time passwords to a unique value for each user and change immediately after the first use.
8.5.4 Immediately revoke access for any terminated users.
8.5.5 Remove or disable inactive user accounts at least every 90 days.
8.5.6 Enable accounts used by vendors for remote maintenance only during the time period needed.
8.5.8 Do not use group, shared, or generic accounts and passwords.
8.5.9 Change user passwords at least every 90 days.
8.5.10 – 8.5.12 Password complexity requirements (Require a minimum password length of at least seven characters, Use passwords containing both numeric and alphabetic characters).
8.5.13 Limit repeated access attempts by locking out the user ID after not more than six attempts.
10.1 Establish a process for linking all access to system components (especially those done with administrative privileges such as root) to each individual user.
10.2 Implement automated audit trails to reconstruct the required events.
10.3 Record at least the following audit trail entries for all system components for each event: User identification, Type of event, Date and time, Success or failure indication, Origination of event, Identity or name of affected data, system component, or resource.
10.5 Secure audit trails so they cannot be altered.
10.6 Review logs for all system components at least daily.
10.7 Retain audit trail history for at least one year, with a minimum of three months immediately available for analysis.
Get a free trial of our tools today!
We'll make sure you can take advantage of everything our products have to offer.
Our rapid-response support team can assist with any questions you may have.
Need more? Just ask! We'll create a custom solution that fits your needs.