PCI Requirement 10.2.1 – All Individual User Accesses to Cardholder Data

Описание к видео PCI Requirement 10.2.1 – All Individual User Accesses to Cardholder Data

Learn more at https://kirkpatrickprice.com/video/pc...
PCI Requirement 10.2.1 requires that audit trails reconstruct all individual user accesses to cardholder data. What’s purpose of PCI Requirement 10.2.1? The PCI DSS guidance explains, “Malicious individuals could obtain knowledge of a user account with access to systems in the CDE, or they could create a new, unauthorized account in order to access cardholder data. A record of all individual accesses to cardholder data can identify which accounts may have been compromised or misused.”
Anytime someone accesses cardholder data, a log should be generated. An assessor will work with your database and network administrators to verify that all individual access to cardholder data is logged.
Stay Connected
Twitter:   / kpaudit  
LinkedIn:   / kirkpatrickprice-llc  
Facebook:   / kirkpatrickprice  

More Free Resources
Blog: https://kirkpatrickprice.com/blog/
Webinars: https://kirkpatrickprice.com/webinars/
Videos: https://kirkpatrickprice.com/video/
White Papers: https://kirkpatrickprice.com/white-pa...

About Us
KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to clients in more than 48 states, Canada, Asia, and Europe. The firm has over 13 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and CFPB frameworks.

For more about KirkpatrickPrice: https://kirkpatrickprice.com/
Contact us today: 800-770-2701 https://kirkpatrickprice.com/contact/

Комментарии

Информация по комментариям в разработке

Похожие видео