|
About the Implement Strong Access Control Measures (Requirem category
|
|
0
|
82
|
January 23, 2023
|
|
[PCI DSS 3.0] 9.10 Ensure that security policies and operational procedures for restricting physical access to car
|
|
0
|
2423
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.9.3 Provide training for personnel to be aware of attempted tampering or replacement of devices. T
|
|
0
|
2577
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.9.2 Periodically inspect device surfaces to detect tampering (for example, addition of card skimme
|
|
0
|
2491
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.9.1 Maintain an up-to-date list of devices. The list should include the following:
|
|
0
|
2047
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.9 Protect devices that capture payment card data via direct physical interaction with the card fro
|
|
0
|
2056
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.8.2 Render cardholder data on electronic media unrecoverable so that cardholder data cannot be rec
|
|
0
|
2261
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.8.1 Shred, incinerate, or pulp hard- copy materials so that cardholder data cannot be reconstructe
|
|
0
|
2492
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.8 Destroy media when it is no longer needed for business or legal reasons as follows:
|
|
0
|
1956
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.7.1 Properly maintain inventory logs of all media and conduct media inventories at least annually.
|
|
0
|
2911
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.7 Maintain strict control over the storage and accessibility of media.
|
|
0
|
1859
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.6.3 Ensure management approves any and all media that is moved from a secured area (including when
|
|
0
|
1830
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.6.2 Send the media by secured courier or other delivery method that can be accurately tracked.
|
|
0
|
2299
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.6.1 Classify media so the sensitivity of the data can be determined.
|
|
0
|
3198
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.6 Maintain strict control over the internal or external distribution of any kind of media, includi
|
|
0
|
2236
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.5.1 Store media backups in a secure location, preferably an off-site facility, such as an alternat
|
|
0
|
2342
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.5 Physically secure all media.
|
|
0
|
2634
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.4.4 A visitor log is used to maintain a physical audit trail of visitor activity to the facility a
|
|
0
|
2753
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.4.3 Visitors are asked to surrender the badge or identification before leaving the facility or at
|
|
0
|
1697
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.4.2 Visitors are identified and given a badge or other identification that expires and that visibl
|
|
0
|
1889
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.4.1 Visitors are authorized before entering, and escorted at all times within, areas where cardhol
|
|
0
|
2063
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.4 Implement procedures to identify and authorize visitors.
|
|
0
|
1747
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.3 Control physical access for onsite personnel to the sensitive areas as follows:
|
|
0
|
2323
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.2 Develop procedures to easily distinguish between onsite personnel and visitors, to include:
|
|
0
|
2443
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.1.3 Restrict physical access to wireless access points, gateways, handheld devices, networking/com
|
|
0
|
1907
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.1.2 Implement physical and/or logical controls to restrict access to publicly accessible network j
|
|
0
|
2346
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.1.1 Use video cameras and/or access control mechanisms to monitor individual physical access to se
|
|
0
|
4166
|
September 23, 2014
|
|
[PCI DSS 3.0] 9.1 Use appropriate facility entry controls to limit and monitor physical access to systems in the c
|
|
0
|
2074
|
September 23, 2014
|
|
[PCI DSS 3.0] 8.8 Ensure that security policies and operational procedures for identification and authentication a
|
|
0
|
2217
|
September 23, 2014
|
|
[PCI DSS 3.0] 8.7 All access to any database containing cardholder data (including access by applications, adminis
|
|
0
|
5259
|
September 23, 2014
|