
Monday, January 6, 2020

Security Features Of A Firewall - 1707 Words

The first requirement is that the company must install and maintain a firewall that is properly configured to protect cardholders' data. All computer systems shall be protected from unauthorized access by untrusted networks. A firewall shall always be used for traffic entering the system from the Internet, whether as e-commerce, employee Internet access through a desktop browser, employee email access, a dedicated connection such as a business-to-business connection, wireless networks, or other sources. There needs to be a recognized process that approves and tests all network connections and any changes to system configurations. A current network diagram that depicts all network connections should also be created, verified, and updated…

Administrators should remove default passwords and disable unnecessary default accounts and non-essential functionality before the devices are installed on the network. An inventory of system components that are a part of the cycle for PCI DSS must be maintained.

Requirement number three is to protect stored cardholder data using encryption, truncation, masking and hashing as part of the cardholder data protection. If a hacker manages to bypass the security protection and gets access to the encrypted data, the information is unreadable and useless without the correct cryptographic key. Only the minimal amount of cardholder data should be stored whenever possible. There should also be policies for data retention and for disposal of stored cardholder data. Store only the minimal data needed; do not store the full track contents of the magnetic stripe, the card verification code, or the PIN. PANs must be rendered unreadable anywhere they are stored. Cryptographic keys should be stored in as few locations as possible and on secure, encrypted devices.

The fourth requirement states that entities must encrypt transmission of cardholder data across open or public networks. Entities are required to use strong cryptography and security protocols to maintain the security of cardholder data during transmission. You should never send PAN information by email, instant messaging, chat, or other messaging technology.
