Chapter 16

Requirement 9

Restrict Physical Access to Cardholder Data

In a world that is grappling with application, network, and host security, physical security is an essential requirement for every enterprise information security program. Requirement 9 of the PCI-DSS deals with physical security and media management. It details specific aspects of physical security, including access-control systems, cameras, monitoring, and visitor management, among others. Requirement 9 also addresses the essential issue of managing physical media in the organization, including hard drives, backup disks, tapes, and so on, and sets specific physical security requirements for that media. The requirement also ...
