Strong access controls
This chapter covers one of the most important aspects of PCI DSS compliance: access control. The information in this chapter includes restricting access to only those individuals that need it, as well as restricting physical access to computer systems.
Information in this chapter
• Which PCI DSS requirements are in this domain?
• What else can you do to be secure?
• Tools and best practices
• Common mistakes and pitfalls
• Case study
Access controls are fundamental to good security in almost any situation. We put locks on our cars and homes to restrict access to only authorized parties—presumably those with keys. We put passwords on computer accounts ...