PCI DSS FAQ - Payment Card Industry (PCI) Data Security Standard Discussion Forum  

Go Back   PCI DSS FAQ - Payment Card Industry (PCI) Data Security Standard Discussion Forum > Payment Card Industry Data Security Standard Frequently Asked Questions (PCI DSS FAQ) > Implement Strong Access Control Measures > [PCI-DSS] Requirement 8: Assign a unique ID to each person with computer access
Reload this Page 8.2 In addition to assigning a unique ID, employ at least one of the following methods to authenticate all users: * Password * Token devices (for example, SecureID, certificates, or public key) * Biometrics
Register FAQ Calendar Search Today's Posts Mark Forums Read

[PCI-DSS] Requirement 8: Assign a unique ID to each person with computer access Assigning a unique identification (ID) to each person with access ensures that actions taken on critical data and systems are performed by, and can be traced to, known and authorized users.

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 03-18-2007, 03:11 AM
admin's Avatar
admin admin is offline
Administrator
  
Join Date: Jul 2002
Posts: 229
Default 8.2 In addition to assigning a unique ID, employ at least one of the following methods to authenticate all users: * Password * Token devices (for example, SecureID, certificates, or public key) * Biometrics
8.2 To verify that users are authenticated using unique ID and additional authentication (for example, a password) for access to the cardholder environment, perform the following:
* Obtain and examine documentation describing the authentication method(s) used
* For each type of authentication method used and for each type of system component, observe an authentication to verify authentication is functioning consistent with documented authentication method(s)
Reply With Quote
Reply

Bookmarks
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
[PCI-DSS] 4.1 Use strong cryptography and security protocols such as SSL/TLS or IPSEC to safeguard sensitive cardholder data during transmission over open, public networks. admin [PCI-DSS] Requirement 4: Encrypt transmission of cardholder data across open, public networks 3 05-03-2010 08:38 AM
8.5.16 Authenticate all access to any database containing cardholder data. This includes access by applications, administrators, and all other users admin [PCI-DSS] Requirement 8: Assign a unique ID to each person with computer access 0 03-18-2007 03:17 AM
8.5.7 Communicate password procedures and policies to all users who have access to cardholder data admin [PCI-DSS] Requirement 8: Assign a unique ID to each person with computer access 0 03-18-2007 03:14 AM
8.5 Ensure proper user authentication and password management for non-consumer users and administrators on all system components as follows: admin [PCI-DSS] Requirement 8: Assign a unique ID to each person with computer access 0 03-18-2007 03:12 AM
8.1 Identify all users with a unique user name before allowing them to access system components or cardholder data. admin [PCI-DSS] Requirement 8: Assign a unique ID to each person with computer access 0 03-18-2007 03:11 AM


All times are GMT -4. The time now is 07:01 PM.

Contact Us - PCI DSS FAQ - Payment Card Industry (PCI) Data Security Standard Discussion Forum - Archive - Top

All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest ©1997 - 2010 by PCIDSSFAQ.ORG, except where noted otherwise.
Powered by vBulletin, Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
PCI-DSS Forum  |  PA-DSS Forum