secure. network. communications.
Cape Town, South Africa: Tel: +27 21 686 2227 | Fax: +27 86 551 0575 | Email us

Payment Card Industry (PCI) Data Security Standard (DSS)

The Payment Card Industry Data Security Standard (PCI DSS) is a standard that guides the interaction of a system with credit card and/or payment information, in real-time, or by relay. Our networks are PCI DSS compliant. To quote the PCI Security Standard Council:

The core of the PCI DSS is a group of 12 basic principles and accompanying requirements, around which the specific elements of the DSS are organized:

Build and Maintain a Secure Network

Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

Requirement 3: Protect stored cardholder data
Requirement 4: Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

Requirement 5: Use and regularly update anti-virus software
Requirement 6: Develop and maintain secure systems and applications

Implement Strong Access Control Measures

Requirement 7: Restrict access to cardholder data by business need-to-know
Requirement 8: Assign a unique ID to each person with computer access
Requirement 9: Restrict physical access to cardholder data

Regularly Monitor and Test Networks

Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes

Maintain an Information Security Policy

Requirement 12: Maintain a policy that addresses information security