New requirements in PCI DSS 3.0 include:
- Methodology-based penetration testing to verify that the methods used to segment the merchant cardholder data environment (CDE) from other IT infrastructure
- Inventory of all hardware and software components within the cardholder data environment
- Documentation detailing which requirements are managed by third-party vendors vs. which are managed by the organization
- Antimalware detection and remediation processes for systems
- Physical access controls for onsite personnel and methods to protect payment data-capture devices from tampering and substitution
HTS PCI compliance services can assist with making sure your organization is in complete compliance when it comes to your IT infrastructure.
Call us today!
