PCI Requirement 7
Restrict Access to Cardholder Data by Business Need to Know
Complying with PCI Requirement 7 is critical to ensuring that cardholder data is accessed only by authorized personnel. If someone’s job requires that they have access to cardholder data, grant it. But if they can function without it? Deny access. The more people who have access to cardholder data, the more risk there is. Limiting access to those with a legitimate business need can help your organization prevent mismanagement of cardholder data.
Our PCI Requirement 7 videos will discuss the systems and processes that must be in place to limit access to cardholder data based on business need to know. Click on a video below to get start with PCI Requirement 7.