Yieldmore is considering the use of credit card payments from customers. To do this Yieldmore must comply with PCI DSS standards. A brief report on how to do this will be included in this document. Keep in mind that this only touches what is needed.
The following are steps that must be taken to ensure that Yieldmore is complying with PCI DSS standards.
Build and maintain a secure network.
Requirements: Install and maintain a fire wall. This is a no brainer. A simple firewall will help prevent listening or probing an internal network.
Requirements: No using default password. Default passwords are often used first by crackers to gain access to networks and data.
Protect cardholder data.
Requirements: Protect stored data. This can be done simply by encrypting stored data.
Requirements: Encrypt data transmissions. This can be done by using HTTPS or SSL. Any type of secure data transfer is acceptable.
Maintain a vulnerability management program.
Requirements: Use antivirus programs and update. This will help prevent unwanted malware and possible Trojans that are used to establish backdoors into your network. Keep them up to date.
Requirements: Develop and maintain a secure system. Use strong password, firewalls, data encryption, update and increase physical access security.
Implement strong access controls
Requirements: Restrict access to data. This also can be done by data encryption and using strong passwords.…