PCI Requirement 12.4 – Ensure Security Policies and Procedures Clearly Define Information Security Responsibilities for All Personnel
by Randy Bartels / July 3rd, 2018
Security Responsibilities PCI Requirement 12.4 establishes the requirement to ensure that the security policy and procedures clearly define information security responsibilities for all…
PCI Requirement 12.3.9 – Activation of Remote-Access Technologies for Vendors and Business Partners Only When Needed
by Randy Bartels / July 3rd, 2018
Vendor Management in Usage Policies Organizations on the road to PCI compliance must recognize the importance of vendor management. Your usage policies should…
PCI Requirement 12.3.8 – Automatic Disconnect of Sessions for Remote-Access Technologies After a Specific Period of Inactivity
by Randy Bartels / July 3rd, 2018
Automatic Disconnect in Your Usage Policies Remote-access technologies are a constant source of risk for critical resources and cardholder data. This is why…
PCI Requirement 12.3.7 – List of Company-Approved Products
by Randy Bartels / July 3rd, 2018
Acceptable Products Your usage policies, as stated in PCI Requirement 12.3.7, should include a list of company-approved products. This list will correlate with…