PCI Requirement 12.3.6 – Acceptable Network Locations for the Technologies
by Randy Bartels / July 3rd, 2018
Acceptable Network Locations Your usage policies, as stated in PCI Requirement 12.3.6, should detail acceptable network locations for the technology at your organization.…
PCI Requirement 12.3.5 – Acceptable Uses of the Technology
by Randy Bartels / July 3rd, 2018
Acceptable Use Policies Your usage policies, as stated in PCI Requirement 12.3.5, should detail acceptable uses of the technology at your organization. Acceptable…
PCI Requirement 12.3.4 – A Method to Accurately and Readily Determine Owner, Contact Information, and Purpose
by Randy Bartels / July 3rd, 2018
Identification System Your usage policies should have a method for identifying who an asset-owner is. PCI Requirement 12.3.4 specifically details, “A method to…
PCI Requirement 12.3.3 – A List of All Devices and Personnel with Access
by Randy Bartels / July 3rd, 2018
Approved Devices and Personnel with Access To create compliant usage policies, your organization must meet PCI Requirement 12.3.3, which requires you to keep…
PCI Requirement 12.3.2 – Authentication for Use of the Technology
by Randy Bartels / July 3rd, 2018
Proper Authentication in Usage Policies We learned about authentication methods in PCI Requirement 7, and that ties in here. The more people who…