CHAPTER 8: ASPECTS OF PCI DSS COMPLIANCE
Requirement 1 (Install and maintain a firewall configuration to protect cardholder data)
- Establish and implement firewall and router configuration standards.
- Build firewall and router configurations that restrict connections between untrusted networks and any system components in the cardholder data environment.
- Prohibit direct public access between the Internet and any system component in the cardholder data environment.
- Install personal firewall software on any mobile and/or employee-owned devices that connect to the Internet when outside the network.
- Ensure that security policies and operational procedures for managing firewalls are documented, in use, and known to all affected parties.
- Maintain ...