PCI-DSS 3.0 revisions released today

November 07, 2014, PCI-DSS 3.0 has been released. The PCI-DSS is a list of standards that are revised every 3 years and are instilled by the PCI-SSC to insure card information data security.

The new revisions will be in effect starting January 1, 2014, while PCI-DSS 2.0 will remain in effect until the end of 2014 to allow corporations time to regulate themselves to the new requirements.

The main revisions of the new requirements are mostly on implementing PCI-DSS in the workplace as everyday business and the importance of employee training.

Here is a list of the new requirements.

Req. 5.1.2 - evaluate evolving malware threats for any systems not considered to be commonly affected
Req. 8.2.3 - combined minimum password complexity and strength requirements into one, and increased flexibility for alternatives
Req. 8.5.1 - for service providers with remote access to customer premises, use unique authentication credentials for each customer
Req. 8.6 - where other authentication mechanisms are used (for example, physical or logical security tokens, smart cards, certificates, etc.) these must be linked to an individual account and ensure only the intended user can gain access
Req. 9.3 - control physical access to sensitive areas for onsite personnel, including a process to authorize access, and revoke access immediately upon termination
Req. 9.9 - protect devices that capture payment card data via direct physical interaction with the card from tampering and substitution
Req. 11.3 and 11.3.4 - implement a methodology for penetration testing; if segmentation is used to isolate the cardholder data environment from other networks, perform penetration tests to verify that the segmentation methods are operational and effective
Req. 11.5.1 - implement a process to respond to an alerts generated by the change-detection mechanism
Req. 12.8.5 - maintain information about which PCI DSS requirements are managed by each service provider, and which are managed by the entity
Req. 12.9 - for service providers, provide the written, agreement/acknowledgment to their customers as specified at requirement 12.8.2

November 07, 2014, PCI-DSS 3.0 has been released. The PCI-DSS is a list of standards that are revised every 3 years and are instilled by the PCI-SSC to insure card information data security.

The new revisions will be in effect starting January 1, 2014, while PCI-DSS 2.0 will remain in effect until the end of 2014 to allow corporations time to regulate themselves to the new requirements.

The main revisions of the new requirements are mostly on implementing PCI-DSS in the workplace as everyday business and the importance of employee training.

Here is a list of the new requirements.

Req. 5.1.2 - evaluate evolving malware threats for any systems not considered to be commonly affected
Req. 8.2.3 - combined minimum password complexity and strength requirements into one, and increased flexibility for alternatives
Req. 8.5.1 - for service providers with remote access to customer premises, use unique authentication credentials for each customer
Req. 8.6 - where other authentication mechanisms are used (for example, physical or logical security tokens, smart cards, certificates, etc.) these must be linked to an individual account and ensure only the intended user can gain access
Req. 9.3 - control physical access to sensitive areas for onsite personnel, including a process to authorize access, and revoke access immediately upon termination
Req. 9.9 - protect devices that capture payment card data via direct physical interaction with the card from tampering and substitution
Req. 11.3 and 11.3.4 - implement a methodology for penetration testing; if segmentation is used to isolate the cardholder data environment from other networks, perform penetration tests to verify that the segmentation methods are operational and effective
Req. 11.5.1 - implement a process to respond to an alerts generated by the change-detection mechanism
Req. 12.8.5 - maintain information about which PCI DSS requirements are managed by each service provider, and which are managed by the entity
Req. 12.9 - for service providers, provide the written, agreement/acknowledgment to their customers as specified at requirement 12.8.2

Network, Learn, Grow | FMAS:24

Get ready to mark your calendars for FMAS:24, returning this May! Take a quick glimpse of what awaits at the Sandton Convention Centre in Sandton, South Africa from May 20-22, 2024. Don't miss out on this 5-second invite packed with energy and urgency! Secure your free ticket now 🔗 https://events.financemagnates.com/yQx0l?utm_source=youtube&utm_campaign=fmas-is-back&utm_medium=video&RefId=FMAS24+Video+Ad+%5B1%5D #fmas24 #fmas #fmevents #financeinafrica #traders #investors #affiliates #forexTraders #investmentOpportunities #B2BNetworking #finTech #Innovations #TradingCommunity #BusinessOpportunities #AfricanBusiness #Johannesburg #southafrica 📣 Stay updated with the latest in finance and trading! Follow FMevents across our social media platforms for news, insights, and event updates. Connect with us today: 🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/ 👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents 📸 Instagram: https://www.instagram.com/fmevents_official 🐦 Twitter: https://twitter.com/F_M_events 🎥 TikTok: https://www.tiktok.com/@fmevents_official ▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official Don't miss out on our latest videos, interviews, and event coverage. Subscribe to our YouTube channel for more!

Get ready to mark your calendars for FMAS:24, returning this May! Take a quick glimpse of what awaits at the Sandton Convention Centre in Sandton, South Africa from May 20-22, 2024. Don't miss out on this 5-second invite packed with energy and urgency! Secure your free ticket now 🔗 https://events.financemagnates.com/yQx0l?utm_source=youtube&utm_campaign=fmas-is-back&utm_medium=video&RefId=FMAS24+Video+Ad+%5B1%5D #fmas24 #fmas #fmevents #financeinafrica #traders #investors #affiliates #forexTraders #investmentOpportunities #B2BNetworking #finTech #Innovations #TradingCommunity #BusinessOpportunities #AfricanBusiness #Johannesburg #southafrica 📣 Stay updated with the latest in finance and trading! Follow FMevents across our social media platforms for news, insights, and event updates. Connect with us today: 🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/ 👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents 📸 Instagram: https://www.instagram.com/fmevents_official 🐦 Twitter: https://twitter.com/F_M_events 🎥 TikTok: https://www.tiktok.com/@fmevents_official ▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official Don't miss out on our latest videos, interviews, and event coverage. Subscribe to our YouTube channel for more!