Meeting the Payment Card Industry Data Security Standard
The Payment Card Industry Data Security Standard mandates requirements to protect card holder data. Requirements cover network security, data protection, vulnerability management, access control, monitoring and testing, and information security.
Implementing and maintaining compliance with PCI-DSS can seem a daunting task. While some of these tasks require human action, once the controls are in place, a majority of the processes can be automated utilizing a Security Information Event Management (SIEM) solution. This paper discusses the specific requirements and solutions affecting network administrators.