PCI Requirement 8.2 ā Ensure Proper User-Authentication Management by Something You Know, Something You Have, or Something You Are
by Randy Bartels / December 21st, 2017
ļ»æ Proper User-Authentication Management PCI Requirement 8.2 adds an additional layer of security to user IDs by requiring something you know, something you have,…
PCI Requirement 8.1.8 ā Require Re-Authentication After 15 Minutes of Inactivity
by Randy Bartels / December 21st, 2017
Inactive Sessions Iām sure youāve witnessed or heard about situations where someone gets up from their workstation, but their session doesnāt log out. Inevitably,…
PCI Requirement 8.1.7 ā Set Lockout Duration to a Minimum of 30 Minutes
by Randy Bartels / December 21st, 2017
ļ»æ Account Lockout Duration Once a user account is locked out after six log-in attempts, that account must remain locked. PCI Requirement 8.1.7 states,…
PCI Requirement 8.1.6 ā Limit Repeated Access Attempts by Locking Out User ID After No More Than Six Attempts
by Randy Bartels / December 21st, 2017
Appropriate Account Lockout Mechanisms PCI Requirement 8.1.6 states, āLimit repeated access attempts by locking out the user ID after no more than six attempts.ā…
PCI Requirement 8.1.5 ā Manage IDs Used by Third Parties to Access, Support, or Maintain System Components via Remote Access
by Randy Bartels / December 21st, 2017
Managing Third-Party Access PCI Requirement 8.1.5 focuses on managing third-party access to your system. In situations where youāve given user IDs to third parties…