PCI for SMB: Requirement 10 & 11 – Regularly Monitor and Test Networks
Welcome to the seventh post of a series on understanding the Payment Card Industry Data Security Standard–PCI DSS. We want to show how PCI DSS affects anyone going through the compliance process using the PCI SAQ’s (Self Assessment Questionnaires).
In the previous articles written about PCI, we covered the following:
- Requirement 1: Build and Maintain a Secure Network – Install and maintain a firewall configuration to protect cardholder data
- Requirement 2: Build and Maintain a Secure Network – Do not use vendor-supplied defaults for system passwords or other security parameters
- Requirement 3 & 4: Secure Cardholder Data
- Requirement 5 & 6: Maintain a Vulnerability Management Program
- Requirement 7 & 8: Implement Strong Access Control Measures
- Requirement 9: Implement Strong Access Control Measures
Having recapped this so far, we’re going to focus on the requirements under the Regularly Monitor and Test Networks section.