Chapter 15

Requirement 8

Access-Control Requirements for PCI Environments

Our focus in this chapter will be on access control. In Chapter 14, we had an overview of the access-control concepts that are necessary for a PCI environment. However, in this chapter, our orientation changes specifically to explore access-control implementation requirements for a PCI environment. We will delve deeply into access control and throw light on specific areas of access control such as password management, two-factor authentication, access-control specifics for databases, and so on. We will look at the correlation of access-control requirements to the PA-DSS as well.

15.1 Unique IDs for Users: PCI Environment

15.1.1 Requirement 8.1: Assign Unique IDs to Users ...

Get PCI Compliance now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

PCI Compliance by Abhay Bhargav

Requirement 8

15.1 Unique IDs for Users: PCI Environment

15.1.1 Requirement 8.1: Assign Unique IDs to Users ...

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly