PCI DSS Maintenance

  • PCI DSS Requirement 6.1: Perform Necessary Operating System and Application Updates on monthly basis. Check off this requirement on a copy of the work order.
  • Apply OS Security Patches, and any applicable Hot Fixes
  • PCI DSS Requirement 5.1: Ensure compliant anti-virus software is deployed and perform Antivirus Updates as well as Scan System. Check off this requirement on a copy of the work order.
  • Analyze System Error Logs to Determine any abnormal behavior
  • Update any outdated Drivers, firmware versions
  • PCI DSS requirement 2.2.4: Remove all unnecessary scripts, drivers, features, subsystems, file systems, and web services. Check off this requirement on a copy of the work order.
  • Run a Disk analyzer, report Errors
  • Disk Maintenance/Cleanup, Cleanup, Disk Defragmentation
  • Physical Inspection of the System Interior Check All Cables & Connections
  • Run a comprehensive asset report for each physical PC that is covered by that agreement
  • PCI DSS requirement 1.1.6: Review Firewall and Router Rule Sets twice a year. Check off this requirement on a copy of the work order.
  • PCI DSS requirement 2.2. (a) : Maintain a standard for equipment and software company wide.  Maintain documentation for each property.
  • PCI DSS requirement 2.2.1 : Verify and document each server has only one primary function. Check off this requirement on a copy of the work order.
  • PCI DSS requirement 2.2.2 : Ensure all services and protocols are turned off as listed in PCI DSS Site Security Manual.  If additional services are turned on annotate and inform management. Check off this requirement on a copy of the work order.
  • PCI DSS requirement 6.2 (a) and (b): Use scanning appliance and remove any discovered vulnerabilities on a monthly basis. Print Scan and leave with work order. Check off this requirement on a copy of the work order.
  • PCI DSS requirement 11.1: Quarterly Net Stumble of all WiFi devices and validate against listing of devises in Site Security Manual.  Check off this requirement on a copy of the work order.
  • PCI DSS requirement 1.1.1, 1.1.2 and 11.2: Quarterly Internal and External Network scans, including a network diagram as referenced in section 9 of the security manual “Policies Regarding Information Security”, with passing PCI DSS compliance report printed and left with work order.  Check off this requirement on a copy of the work order.
  • PCI DSS requirement 11.3: Assist in implementing internal and External Penetration test to be performed annually.   (PCI DSS requirements disqualify us from performing these tests.)
  • PCI DSS requirement 11.4: Review Intrusion Detection logs, ensure that the software is up to date on a monthly basis. Check off this requirement on a copy of the work order.
  • PCI DSS requirement 11.5: Review File Integrity logs, ensure that the software is up to date on a monthly basis. Check off this requirement on a copy of the work order.
  • PCI DSS requirement 12.9.3: Inquire and document that specific personnel are designated to be available on a 24/7 basis to respond to alerts.  Check off this requirement on a copy of the work order.