Implement Strong Access Control Measures

Topic	Replies	Views	Activity
About the Implement Strong Access Control Measures category	0	11	January 23, 2023
[PCI DSS 1.x] 8.3 Implement two-factor authentication for remote access to the network by employees, administrato pci-dss-requirement-	3	16447	January 13, 2014
[PCI DSS 1.x] 9.1 Use appropriate facility entry controls to limit and monitor physical access to systems that sto pci-dss-requirement-	1	12544	April 25, 2011
[PCI DSS 1.x] 9.3 Make sure all visitors are handled as follows: (9.3.1 to 9.3.3) pci-dss-requirement-	1	3287	February 23, 2011
[PCI DSS 1.x] 9.4 Use a visitor log to maintain a physical audit trail of visitor activity. Retain this log for a pci-dss-requirement-	1	3876	February 23, 2011
[PCI DSS 1.x] 8.2 In addition to assigning a unique ID, employ at least one of the following methods to authentica pci-dss-requirement-	1	4381	February 17, 2011
[PCI DSS 1.x] 9.1.1 Use cameras to monitor sensitive areas. Audit collected data and correlate with other entries. pci-dss-requirement-	4	6013	July 29, 2010
[PCI DSS 1.x] 8.5.8 Do not use group, shared, or generic accounts and passwords pci-dss-requirement-	1	6392	February 12, 2008
[PCI DSS 1.x] 9.10.2 Purge, degauss, shred, or otherwise destroy electronic media so that cardholder data cannot b pci-dss-requirement-	0	5580	March 18, 2007
[PCI DSS 1.x] 9.10.1 Cross-cut shred, incinerate, or pulp hardcopy materials pci-dss-requirement-	0	4035	March 18, 2007
[PCI DSS 1.x] 9.10 Destroy media containing cardholder data when it is no longer needed for business or legal reas pci-dss-requirement-	0	2992	March 18, 2007
[PCI DSS 1.x] 9.9.1 Properly inventory all media and make sure it is securely stored. pci-dss-requirement-	0	2650	March 18, 2007
[PCI DSS 1.x] 9.9 Maintain strict control over the storage and accessibility of media that contains cardholder dat pci-dss-requirement-	0	3070	March 18, 2007
[PCI DSS 1.x] 9.8 Ensure management approves any and all media that is moved from a secured area (especially when pci-dss-requirement-	0	2584	March 18, 2007
[PCI DSS 1.x] 9.7.2 Send the media by secured courier or other delivery method that can be accurately tracked pci-dss-requirement-	0	3513	March 18, 2007
[PCI DSS 1.x] 9.7.1 Classify the media so it can be identified as confidential pci-dss-requirement-	0	2797	March 18, 2007
[PCI DSS 1.x] 9.7 Maintain strict control over the internal or external distribution of any kind of media that con pci-dss-requirement-	0	3576	March 18, 2007
[PCI DSS 1.x] 9.6 Physically secure all paper and electronic media (including computers, electronic media, network pci-dss-requirement-	0	3444	March 18, 2007
[PCI DSS 1.x] 9.5 Store media back-ups in a secure location, preferably an off-site facility, such as an alternate pci-dss-requirement-	0	3075	March 18, 2007
[PCI DSS 1.x] 9.3.3 Asked to surrender the physical token before leaving the facility or at the date of expiration pci-dss-requirement-	0	2915	March 18, 2007
[PCI DSS 1.x] 9.3.2 Given a physical token (for example, a badge or access device) that expires and that identifie pci-dss-requirement-	0	3279	March 18, 2007
[PCI DSS 1.x] 9.3.1 Authorized before entering areas where cardholder data is processed or maintained pci-dss-requirement-	0	2753	March 18, 2007
[PCI DSS 1.x] 9.2 Develop procedures to help all personnel easily distinguish between employees and visitors, espe pci-dss-requirement-	0	3317	March 18, 2007
[PCI DSS 1.x] 9.1.3 Restrict physical access to wireless access points, gateways, and handheld devices pci-dss-requirement-	0	3478	March 18, 2007
[PCI DSS 1.x] 9.1.2 Restrict physical access to publicly accessible network jacks pci-dss-requirement-	0	4358	March 18, 2007
[PCI DSS 1.x] 8.5.16 Authenticate all access to any database containing cardholder data. This includes access by a pci-dss-requirement-	0	5230	March 18, 2007
[PCI DSS 1.x] 8.5.15 If a session has been idle for more than 15 minutes, require the user to re-enter the passwor pci-dss-requirement-	0	4287	March 18, 2007
[PCI DSS 1.x] 8.5.14 Set the lockout duration to thirty minutes or until administrator enables the user ID pci-dss-requirement-	0	3464	March 18, 2007
[PCI DSS 1.x] 8.5.13 Limit repeated access attempts by locking out the user ID after not more than six attempts pci-dss-requirement-	0	3612	March 18, 2007
[PCI DSS 1.x] 8.5.12 Do not allow an individual to submit a new password that is the same as any of the last four pci-dss-requirement-	0	2655	March 18, 2007