PCI Compliance

From Fishbowl

PCI Compliance involves much more than the software your company uses. It also involves the practices and procedures of your company.

Below are a few ways that Fishbowl protects credit card information:

Below is a list of the level 4 compliance requirements for your reference. PCI compliance is not a federal law, and as such state and local laws may dictate requirements in addition to PCI compliance standards. In all cases Fishbowl must be used in the appropriate way to maintain compliance with such laws. Remember that Fishbowl is simply a business tool that must be used in harmony with laws and correct processes.

| PCI Requirement | Description | Compliance Status (Select One) | Remediation Date and Actions (if Compliance Status is No) |
|---|---|---|---|
| 1 | Install and maintain a firewall configuration to protect cardholder data. | Yes / No | |
| 2 | Do not use vendor-supplied defaults for system passwords and other security parameters. | Yes / No | |
| 3 | Protect stored cardholder data. | Yes / No | |
| 4 | Encrypt transmission of cardholder data across open, public networks. | Yes / No | |
| 5 | Use and regularly update anti-virus software. | Yes / No | |
| 6 | Develop and maintain secure systems and applications. | Yes / No | |
| 7 | Restrict access to cardholder data by business need to know. | Yes / No | |
| 8 | Assign a unique ID to each person with computer access. | Yes / No | |
| 9 | Restrict physical access to cardholder data. | Yes / No | |
| 10 | Track and monitor all access to network resources and cardholder data. | Yes / No | |
| 11 | Regularly test security systems and processes. | Yes / No | |
| 12 | Maintain a policy that addresses information security. | Yes / No | |

Data pulled from PCI Compliance website
