PCI Requirement 12.3.2 – Authentication for Use of the Technology
Proper Authentication in Usage Policies We learned about authentication methods in PCI Requirement 7, and that ties in here. The more people who…
Proper Authentication in Usage Policies We learned about authentication methods in PCI Requirement 7, and that ties in here. The more people who…
Who Approves Usage Policies? Your usage policies, as stated in PCI Requirement 12.3.1, should require explicit approval by authorized parties. The PCI DSS…
Developing Usage Policies In order to prohibit inappropriate use of devices or technology, PCI Requirement 12.3 requires, “Develop usage policies for critical technologies…
What is a Risk Assessment? Most information security frameworks require a formally documented, annual risk assessment, and the PCI DSS is no different.…
Establishing an Information Security Policy PCI Requirement 12.1 states, “Establish, publish, maintain, and disseminate a security policy.” Pretty straightforward, right? Guidance on information…