PCI DSS FAQ - Payment Card Industry (PCI) Data Security Standard Discussion Forum  

Go Back   PCI DSS FAQ - Payment Card Industry (PCI) Data Security Standard Discussion Forum > Payment Card Industry Data Security Standard Frequently Asked Questions (PCI DSS FAQ) > Implement Strong Access Control Measures > [PCI-DSS] Requirement 8: Assign a unique ID to each person with computer access
Reload this Page 8.5 Ensure proper user authentication and password management for non-consumer users and administrators on all system components as follows:
Register FAQ Calendar Search Today's Posts Mark Forums Read

[PCI-DSS] Requirement 8: Assign a unique ID to each person with computer access Assigning a unique identification (ID) to each person with access ensures that actions taken on critical data and systems are performed by, and can be traced to, known and authorized users.

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 03-18-2007, 03:12 AM
admin's Avatar
admin admin is offline
Administrator
  
Join Date: Jul 2002
Posts: 229
Default 8.5 Ensure proper user authentication and password management for non-consumer users and administrators on all system components as follows:
8.5 Review procedures and interview personnel to verify that procedures are implemented for user authentication and password management, by performing the following:
Reply With Quote
Reply

Bookmarks
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
10.6 Review logs for all system components at least daily. Log reviews must include those servers that perform security functions like intrusion detection system (IDS) and authentication, authorization, and accounting protocol (AAA) servers (for example, RADIUS). Note: Log harvesting, parsing, and alerting tools may be used to meet compliance with Requirement 10.6 admin [PCI-DSS] Requirement 10: Track and monitor all access to network resources and cardholder data 0 03-18-2007 03:32 AM
10.1 Establish a process for linking all access to system components (especially access done with administrative privileges such as root) to each individual user. admin [PCI-DSS] Requirement 10: Track and monitor all access to network resources and cardholder data 0 03-18-2007 03:25 AM
8.5.16 Authenticate all access to any database containing cardholder data. This includes access by applications, administrators, and all other users admin [PCI-DSS] Requirement 8: Assign a unique ID to each person with computer access 0 03-18-2007 03:17 AM
8.3 Implement two-factor authentication for remote access to the network by employees, administrators, and third parties. Use technologies such as remote authentication and dial-in service (RADIUS) or terminal access controller access control system (TACACS) with tokens; or VPN (based on SSL/TLS or IPSEC) with individual certificates. admin [PCI-DSS] Requirement 8: Assign a unique ID to each person with computer access 0 03-18-2007 03:11 AM
8.1 Identify all users with a unique user name before allowing them to access system components or cardholder data. admin [PCI-DSS] Requirement 8: Assign a unique ID to each person with computer access 0 03-18-2007 03:11 AM


All times are GMT -4. The time now is 07:01 PM.

Contact Us - PCI DSS FAQ - Payment Card Industry (PCI) Data Security Standard Discussion Forum - Archive - Top

All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest ©1997 - 2010 by PCIDSSFAQ.ORG, except where noted otherwise.
Powered by vBulletin, Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
PCI-DSS Forum  |  PA-DSS Forum