PCI Requirement 7.2.1 – Coverage of all System Components

PCI Requirement 7.2.1 – Coverage of all System Components

Access Control Systems on All System Components

PCI Requirement 7.2.1 requires that your organization’s access control systems include coverage of all system components. Access control systems are incredibly important because they protect your organization from unknowingly granting access to the cardholder data environment to an unauthorized user. Implementing PCI Requirement 7.2.1 ensures that your entire system is protecting the cardholder data environment and supporting role based access controls.

During a PCI assessment, your system settings and relevant documentation will be examined to verify that your access control systems are in place on all system components.

Video Transcript

When developing and/or purchasing systems, we need to make sure that all applications that you have – whether it be an operating system, database, regardless of what it is – and the entire environment is capable of supporting role based access controls.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *