|
Security
www.satorireiki.com is hosted on a PCI (Payment Card Industry) Data Security Program compliant infrastructure
through CN Wylie Group Inc. A compliance report is available at www.cnwylie.com/pci_certificate.html.
What is PCI Data Security Standard?
The PCI data security standard is designed to help protect the integrity of the credit card systems and to help mitigate
the risk of fraud and identity theft to credit card holders. Adopted by both VISA and Mastercard (see the Mastercard
SDP Program), PCI applies to card association members, merchants, and service providers that store, process, or
transmit cardholder data. The scope of compliance is on systems for authorization and settlement where cardholder data
is processed, stored, or transmitted.
here are 12 requirements:
- Install and maintain a working firewall to protect data
- Keep security patches up-to-date
- Protect stored data
- Encrypt data sent across public networks
- Use and regularly update anti-virus software
- Restrict access by "need to know"
- Assign unique ID to each person with computer access
- Don't use vendor-supplied defaults for passwords and security parameters
- Track all access to data by unique ID
- Regularly test security systems and processes
- Implement and maintain an information security policy
- Restrict physical access to data
|
