The PCI Data Security Standard

1- Install and maintain a firewall configuration to protect cardholder data
2- Do not use vendor-supplied defaults for system passwords and other
security parameters
3- Protect stored cardholder data
4- Encrypt transmission of cardholder data across open, public networks
5- Use and regularly update anti-virus software
6- Develop and maintain secure systems and applications
7- Restrict access to cardholder data by business need-to-know
8- Assign a unique ID to each person with computer access
9- Restrict physical access to cardholder data
10- Track and monitor all access to network resources and cardholder
data
11- Regularly test security systems and processes
12- Maintain a policy that addresses information security