Requirement 1: Maintain firewall configuration to protect cardholder data
Requirement 2: No vendor-supplied default system passwords or configurations
Requirement 3: Protect stored cardholder data
Requirement 4: Encrypt transmission of cardholder data over open networks
Requirement 5: Protect systems against malware, regularly update antivirus programs
Requirement 6: Develop and maintain secure systems and applications
Requirement 7: Restrict access to cardholder data
Requirement 8: Identify and authenticate access to cardholder data
Requirement 9: Restrict physical access to cardholder data
Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes
Requirement 12: Maintain an information security policy for all personnel