Chapter 6
Strong access controls
Abstract
This chapter covers one of the most important aspects of PCI DSS compliance: access control. The information in this chapter includes restricting access to only those individuals that need it, as well as restricting physical access to computer systems.
Keywords
Access controls
RBAC
Need-to-know
Information in this chapter
• Which PCI DSS requirements are in this domain?
• What else can you do to be secure?
• Tools and best practices
• Common mistakes and pitfalls
• Case study
Access controls are fundamental to good security in almost any situation. We put locks on our cars and homes to restrict access to only authorized parties—presumably those with keys. We put passwords on computer accounts ...
Get PCI Compliance, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.