Chapter 6

Strong access controls

Abstract

This chapter covers one of the most important aspects of PCI DSS compliance: access control. The information in this chapter includes restricting access to only those individuals that need it, as well as restricting physical access to computer systems.

Keywords

Access controls
RBAC
Need-to-know

Information in this chapter

• Which PCI DSS requirements are in this domain?
• What else can you do to be secure?
• Tools and best practices
• Common mistakes and pitfalls
• Case study

Access controls are fundamental to good security in almost any situation. We put locks on our cars and homes to restrict access to only authorized parties—presumably those with keys. We put passwords on computer accounts ...
