PCI Requirement 2.4 – Maintain an Inventory of In-Scope System Components
Maintaining an Inventory of Assets We believe that if management is not aware of an asset, it’s probably not appropriately protected. Based on PCI…
Maintaining an Inventory of Assets We believe that if management is not aware of an asset, it’s probably not appropriately protected. Based on PCI…
Administrative Access and Strong Encryption PCI Requirement 2.3 calls out the need to encrypt all non-console administrative access using strong cryptography. If your organization…
Removing All Unnecessary Functionality PCI Requirement 2.2.5 states, “Remove all unnecessary functionality, such as scripts, drivers, features, subsystems, file system, and unnecessary web servers.”…
Preventing Misuse PCI Requirement 2.2.4 requires, “Configure system security parameters to prevent misuse.” There are two parts to compliance with PCI Requirement 2.2.4. First,…
Why Your Organization Needs To Implement Additional Security Features Under PCI Requirement 2, which focuses on hardening your organization’s systems and assets, we find…