Implement Strong Access Control Measures

Topic	Replies	Views	Activity
About the Implement Strong Access Control Measures category	0	70	January 23, 2023
[PCI DSS 1.x] 8.3 Implement two-factor authentication for remote access to the network by employees, administrato pci-dss-requirement-	3	16530	January 13, 2014
[PCI DSS 1.x] 9.1 Use appropriate facility entry controls to limit and monitor physical access to systems that sto pci-dss-requirement-	1	12611	April 25, 2011
[PCI DSS 1.x] 9.3 Make sure all visitors are handled as follows: (9.3.1 to 9.3.3) pci-dss-requirement-	1	3356	February 23, 2011
[PCI DSS 1.x] 9.4 Use a visitor log to maintain a physical audit trail of visitor activity. Retain this log for a pci-dss-requirement-	1	3945	February 23, 2011
[PCI DSS 1.x] 8.2 In addition to assigning a unique ID, employ at least one of the following methods to authentica pci-dss-requirement-	1	4447	February 17, 2011
[PCI DSS 1.x] 9.1.1 Use cameras to monitor sensitive areas. Audit collected data and correlate with other entries. pci-dss-requirement-	4	6100	July 29, 2010
[PCI DSS 1.x] 8.5.8 Do not use group, shared, or generic accounts and passwords pci-dss-requirement-	1	6463	February 12, 2008
[PCI DSS 1.x] 9.10.2 Purge, degauss, shred, or otherwise destroy electronic media so that cardholder data cannot b pci-dss-requirement-	0	5640	March 18, 2007
[PCI DSS 1.x] 9.10.1 Cross-cut shred, incinerate, or pulp hardcopy materials pci-dss-requirement-	0	4126	March 18, 2007
[PCI DSS 1.x] 9.10 Destroy media containing cardholder data when it is no longer needed for business or legal reas pci-dss-requirement-	0	3071	March 18, 2007
[PCI DSS 1.x] 9.9.1 Properly inventory all media and make sure it is securely stored. pci-dss-requirement-	0	2717	March 18, 2007
[PCI DSS 1.x] 9.9 Maintain strict control over the storage and accessibility of media that contains cardholder dat pci-dss-requirement-	0	3152	March 18, 2007
[PCI DSS 1.x] 9.8 Ensure management approves any and all media that is moved from a secured area (especially when pci-dss-requirement-	0	2632	March 18, 2007
[PCI DSS 1.x] 9.7.2 Send the media by secured courier or other delivery method that can be accurately tracked pci-dss-requirement-	0	3575	March 18, 2007
[PCI DSS 1.x] 9.7.1 Classify the media so it can be identified as confidential pci-dss-requirement-	0	2871	March 18, 2007
[PCI DSS 1.x] 9.7 Maintain strict control over the internal or external distribution of any kind of media that con pci-dss-requirement-	0	3636	March 18, 2007
[PCI DSS 1.x] 9.6 Physically secure all paper and electronic media (including computers, electronic media, network pci-dss-requirement-	0	3497	March 18, 2007
[PCI DSS 1.x] 9.5 Store media back-ups in a secure location, preferably an off-site facility, such as an alternate pci-dss-requirement-	0	3133	March 18, 2007
[PCI DSS 1.x] 9.3.3 Asked to surrender the physical token before leaving the facility or at the date of expiration pci-dss-requirement-	0	2997	March 18, 2007
[PCI DSS 1.x] 9.3.2 Given a physical token (for example, a badge or access device) that expires and that identifie pci-dss-requirement-	0	3379	March 18, 2007
[PCI DSS 1.x] 9.3.1 Authorized before entering areas where cardholder data is processed or maintained pci-dss-requirement-	0	2809	March 18, 2007
[PCI DSS 1.x] 9.2 Develop procedures to help all personnel easily distinguish between employees and visitors, espe pci-dss-requirement-	0	3378	March 18, 2007
[PCI DSS 1.x] 9.1.3 Restrict physical access to wireless access points, gateways, and handheld devices pci-dss-requirement-	0	3543	March 18, 2007
[PCI DSS 1.x] 9.1.2 Restrict physical access to publicly accessible network jacks pci-dss-requirement-	0	4437	March 18, 2007
[PCI DSS 1.x] 8.5.16 Authenticate all access to any database containing cardholder data. This includes access by a pci-dss-requirement-	0	5293	March 18, 2007
[PCI DSS 1.x] 8.5.15 If a session has been idle for more than 15 minutes, require the user to re-enter the passwor pci-dss-requirement-	0	4364	March 18, 2007
[PCI DSS 1.x] 8.5.14 Set the lockout duration to thirty minutes or until administrator enables the user ID pci-dss-requirement-	0	3516	March 18, 2007
[PCI DSS 1.x] 8.5.13 Limit repeated access attempts by locking out the user ID after not more than six attempts pci-dss-requirement-	0	3687	March 18, 2007
[PCI DSS 1.x] 8.5.12 Do not allow an individual to submit a new password that is the same as any of the last four pci-dss-requirement-	0	2722	March 18, 2007