In order to maintain a secure network with the enviorment that they have now they must secure all of the servers that it holds in its headquarters and ensure that a firewall is installed to maintain control over the network. They must follow the steps to ensure network is working and that there is a steady and inaccessible connection to cardholders’ information except through specific steps to enter the network. The next step is to encrypt cardholder information so that you are able to transmit the information across public networks. Since most of the workers are remote they will be connecting through a VPN so this would make the process easier to set how the encrypted information will travel because you can set it so that the user is only viewing the information through the VPN. Next is the survivability and resistance to attacks the computers have, so you must maintain a good anti-virus software on the machines so that the machines are protected against viruses that could potentially breath the application and systems on the computers. Along with that maintain predetermined scan of machine to determine that the machine is running the way that it should. Implement strong access control measures such as strong passwords that you have to use for every program that you are using. If possible make it a multi-tiered authentication method to ensure a more secure password. Monitor the access of the information and do not allow unauthorized users the opportunity to access the information. Regularly conduct pen test on the network and keep all logs that trace the activity. Install a IDS and possibly a program to help with logs to show if there is any abnormal activity on the network such as an employee attempting to take the information as well. Above all you must maintain the security policy that should cover all from employee background checks to educating