The Payment Card Industry (PCI) Data Security Standard requires that merchants and service providers who store, process or transmit credit and/or debit card data comply with a set of 12 requirements designed to safeguard this highly sensitive information. Most security professionals agree that these requirements — often referred to colloquially as the “dirty dozen” — represent current information security best practices, and offer a reasonable set of controls for dealing with extremely sensitive data.

Read the full article: Network isolation as a PCI DSS compliance strategy

Published in SearchSecurity on 04/04/07