[PCI DSS 3.0] 12.3.5 Acceptable uses of the technology

12.3.5 Acceptable uses of the technology

12.3.5 Verify that the usage policies define acceptable uses for the technology.

By defining acceptable business use and location of company-approved devices and technology,
the company is better able to manage and control gaps in configurations and operational controls, to ensure a “back door” is not opened for a malicious individual to gain access to critical systems and cardholder data.