The PCI DSS was created to provide "an actionable framework for developing a robust account data security process -- including preventing, detecting and reacting to security incidents." It sets about doing this by establishing 12 requirements for technology implementations and the methodologies needed for testing their effectiveness. These requirements fall under six "control objectives," and, as a blueprint for effective data security, many agree that they’re best practices.

Read this brief document to learn what these six control objectives are and how to implement them now.