To comply with PCI-DSS requirements, you must do the following:
Use equipment and systems that comply with the PCI-DSS’s requirements for processing and storing sensitive cardholder data
Educate your employees about the best practices for working with cardholder data
Complete a self-assessment questionnaire (SAQ) or an on-site audit by an external assessor each year
Carry out vulnerability scans to discover potential flaws in your systems
Best practices
You should also follow our best practices to help you secure your network, which include the following:
Do
Use only PCI-DSS approved PIN entry devices
Use a properly configured firewall on your network and computers
Use strong passwords and change the default passwords on hardware and software
Don’t
Share passwords with employees
Reuse the same password for more than one account or device
Use weak or insecure protocols for connecting to your access point
Connect to access points you don’t trust or haven’t set up yourself
Leave your POS devices unattended