Chapter 14

Requirement 7

Restrict Access to Cardholder Data by Business Need to Know

Access control is a fundamental characteristic of any information security program. It is the practice of exerting control over which individuals or objects are allowed or disallowed access to a given system. Effective access control hinges on specific concepts and methods that are important to understand when implementing access control across diverse systems such as operating systems, applications, network devices, and physical areas. Requirement 7 of the PCI-DSS deals exclusively with these concepts of access control and their practice and implementation across the PCI environment.

In this chapter, we will explore Requirement 7 of the PCI-DSS. ...
