PCI DSS 4.0 Requirements – Restrict Access, Identify Users and Authenticate Access

PCI DSS 4.0 Requirements 7 and 8

In the early days of computer networking, the idea of restricted permissions was shunned. Network administrators could access every system in the environment. In some extreme cases, a CEO would demand full administrative access to a network, thinking that this would protect against a rogue employee. As you can imagine, this set up a point of failure beyond logic. Fortunately, this ideology of unlimited access has waned, and many C-level executives now realize that they are high-level targets, so they appreciate that their access should be limited to only what they need to run the executive…

The post “PCI DSS 4.0 Requirements – Restrict Access, Identify Users and Authenticate Access” appeared first on TripWire

Source:TripWire – Editorial Staff