PCI (Payment Card Industry Security Standard)
Install and maintain a firewall configuration to protect cardholder data
Req 1.2.3
1.2.3 Install perimeter firewalls between all wireless networks and the cardholder data environment and configure these firewalls to deny or if traffic is necessary for business purposes permit only authorized traffic between the wireless environment and the cardholder data environment.
The known (or unknown) implementation and exploitation of wireless technology within a network is a common path for malicious individuals to gain access to the network and cardholder data. If a wireless device or network is installed without the entity’s knowledge a malicious individual could easily and “invisibly” enter the network. If firewalls do not restrict access from wireless networks into the CDE malicious individuals that gain unauthorized access to the wireless network can easily connect to the CDE and compromise account information. Firewalls must be installed between all wireless networks and the CDE regardless of the purpose of the environment to which the wireless network is connected. This may include but is not limited to corporate networks retail stores guest networks warehouse environments etc.
Click here to Start your FREE trial today!
What is a Cybersecurity Compliance Framework?
You don’t need to clutter your security and privacy programs with an ever-increasing number of tools as they become more sophisticated. The Lionfish platform offers a one-stop solution to track progress and monitor any framework, from custom-built ones to highly-specialized and in-demand top security and privacy frameworks and certifications.
With the Lionfish platform, every framework is supported with guided scoping, policies, controls, automated evidence collection, and continuous monitoring, ensuring efficient preparation for audits or attestation in minimal time.
The Lionfish platform is compatible with a wide range of security and privacy frameworks, including:
- CMMC v2
- HIPAA
- NERC CIP-002 through CIP-014 Revision 6
- NIST 800-171
- NIST 800-172
- PCI (Payment Card Industry Security Standard)
- SOC 2
- NIST 800-53
- NIST SP800-161 Supply Chain Risk Management
- NIST-CSF
- CIS Framework Controls V8
Click here to Start your FREE trial today!