Learn more at [ Ссылка ]
PCI Requirement 10.2.1 requires that audit trails reconstruct all individual user accesses to cardholder data. What’s purpose of PCI Requirement 10.2.1? The PCI DSS guidance explains, “Malicious individuals could obtain knowledge of a user account with access to systems in the CDE, or they could create a new, unauthorized account in order to access cardholder data. A record of all individual accesses to cardholder data can identify which accounts may have been compromised or misused.”
Anytime someone accesses cardholder data, a log should be generated. An assessor will work with your database and network administrators to verify that all individual access to cardholder data is logged.
Stay Connected
Twitter: [ Ссылка ]
LinkedIn: [ Ссылка ]
Facebook: [ Ссылка ]
More Free Resources
Blog: [ Ссылка ]
Webinars: [ Ссылка ]
Videos: [ Ссылка ]
White Papers: [ Ссылка ]
About Us
KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to clients in more than 48 states, Canada, Asia, and Europe. The firm has over 13 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and CFPB frameworks.
For more about KirkpatrickPrice: [ Ссылка ]
Contact us today: 800-770-2701 [ Ссылка ]
Ещё видео!