
Card Specialists will help you maintain your PCI compliance. Give us a call at (605) 334-5474 about how to maintain your compliance today.

20 Security Recommendations

  • Identify areas of highest risk and continuously assess and remediate critical vulnerabilities

  • Develop and deploy application whitelisting on high value targets (e.g., domain controllers)

  • Add file integrity monitoring to all public-facing and application servers

  • Centralize and increase frequency of patch management

  • Develop information classification processes and identify sensitive information repositories

  • Build internal segmentation

  • Move highly sensitive management controls (e.g. SAN Management) off the enterprise network

  • Inventory and track all hardware and software (including BYOD)

  • Monitor and secure outbound routes with the same discretion as inbound routes

  • Implement encryption into critical services and paths

  • Maintain and monitor security (e.g., Active Directory) and edge (e.g., firewall) logs

  • Control, track and audit use of administrative privileges

  • Limit users to least possible privileges

  • Monitor and control account creation and termination

  • Avoid identical distributed passwords (e.g. using the same "local admin" password)

  • Limit and control remote access capabilities (e.g. VPN)

  • Enhance authentication processes

  • Implement and test disaster recovery and business continuity plans

  • Provide continuous security training for all employees/users

  • Develop solid incident response processes and capability

  • Test defense-in-depth concepts with penetration tests and red teaming
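The file integrity monitoring item above is easy to state and easy to skip. The following is an added example (not code from Card Specialists or from this page) of the core of such a monitor: take a SHA-256 baseline of every file under a directory, re-scan later, and report what was added, removed or modified. The directory layout and file contents in demo() are constructed for illustration only; in practice the baseline would be stored off the monitored host and the comparison run on a schedule with the differences fed to your logging or alerting pipeline.

```python
import hashlib
import tempfile
from pathlib import Path
from typing import Dict, List


def hash_file(path: Path, chunk_size: int = 65536) -> str:
    """Return the SHA-256 hex digest of a file, read in chunks so large files are fine."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(root: Path) -> Dict[str, str]:
    """Map every regular file under root (relative POSIX path) to its SHA-256 digest.

    Symlinks are skipped so a link pointing outside the tree cannot pull in
    unrelated content or create a loop.
    """
    baseline: Dict[str, str] = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and not path.is_symlink():
            baseline[path.relative_to(root).as_posix()] = hash_file(path)
    return baseline


def compare(baseline: Dict[str, str], current: Dict[str, str]) -> Dict[str, List[str]]:
    """Diff two snapshots: new files, missing files, and files whose digest changed."""
    old_paths, new_paths = set(baseline), set(current)
    return {
        "added": sorted(new_paths - old_paths),
        "removed": sorted(old_paths - new_paths),
        "modified": sorted(p for p in old_paths & new_paths if baseline[p] != current[p]),
    }


def demo() -> Dict[str, List[str]]:
    """Constructed walk-through: baseline a small web root, tamper with it, re-scan."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        # Constructed sample tree standing in for a public-facing server's web root.
        (root / "index.html").write_text("<h1>hello</h1>")
        (root / "app").mkdir()
        (root / "app" / "config.php").write_text("<?php $debug = false;")

        baseline = build_baseline(root)

        # Simulated changes an administrator would want to hear about:
        (root / "app" / "config.php").write_text("<?php $debug = true;")  # edited
        (root / "app" / "extra.php").write_text("<?php echo 'new';")       # unexpected new file
        (root / "index.html").unlink()                                      # deleted

        current = build_baseline(root)
        return compare(baseline, current)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

Running the script prints one line per change category; the expected result of the constructed scenario is one added file, one removed file and one modified file. A production monitor would also record file ownership and permissions alongside the digest, since a permission change on a config file is as worth alerting on as a content change.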


Things to Know about Your Network

  • Current Network Diagrams

  • Hardware Inventory

  • Software Inventory

  • AV Logs and Scan Results

  • Firewall Logs

  • Firewall Rules

  • Policies and Procedures Manual