PCI Requirement 9.10 – Ensure Policies and Procedures for Restricting Physical Access to Cardholder Data are Documented, In Use, and Known to All Affected Parties
by Randy Bartels / January 31st, 2018
Implementing PCI Requirement 9.10 PCI Requirement 9 states, “Restrict physical access to cardholder data.” Complying with PCI Requirement 9 is critical to ensuring…
PCI Requirement 9.9.3 – Provide Training for Personnel to Be Aware of Attempted Tampering or Replacement of Devices
by Randy Bartels / January 31st, 2018
Training on Tampering Your organization must protect the integrity of devices that physically interact with cardholder data. PCI Requirement 9.9.3 requires that your…
PCI Requirement 9.9.2 – Periodically Inspect Device Surfaces to Detect Tampering or Substitution
by Randy Bartels / January 31st, 2018
Inspect for Tampering or Substitution PCI Requirement 9.9.2 is focused specifically on the physical inspection of devices that physically interact with payment card…
PCI Requirement 9.9.1 – Maintain an Up-To-Date List of Devices
by Randy Bartels / January 31st, 2018
Keeping a List of Card-Reading Devices If your organization utilizes devices that physically interact with cardholder data (card-reading devices), PCI Requirement 9.9.1 requires…
PCI Requirement 9.9 – Protect Devices That Capture Payment Card Data via Direct Physical Interaction with the Card from Tampering and Substitution
by Randy Bartels / January 31st, 2018
Protecting Card-Reading Devices Does your organization utilize card-reading devices? If so, you risk the chance of criminals tampering or manipulating your devices. PCI…