PCI Requirement 9 – Restrict Physical Access to Cardholder Data

January 30, 2018
Learn more at https://kirkpatrickprice.com/video/pci-requirement-9-restrict-physical-access-cardholder-data/ What would happen if your organization had no physical access controls protecting cardholder data? Made no effort to restrict physical access to cardholder data? No locks on the doors, no badge or identification system, no security guards, no receptionist? Without physical access controls, you give unauthorized persons a plethora of ways to potentially gain access to your facility and to steal, disable, disrupt, or destroy your critical systems and cardholder data. This is why PCI Requirement 9 requires, “Restrict physical access to cardholder data.” PCI Requirement 9 details 28 sub-requirements to help your organization restrict physical access to cardholder data. As you learn more about PCI Requirement 9, you’ll hear a few key terms over and over again. For the purposes of this requirement, onsite personnel are defined as full-time and part-time employees, temporary employees, contractors, and consultants who are physically present on an entity’s premise. Visitors are vendors, third parties, guests of any onsite personnel, service workers, or anyone who needs to enter the facility for a short duration, usually not more than one day. Media is all paper and electronic media containing cardholder data.
Previous Video
PCI Requirement 9.5 – Physically Secure all Media
PCI Requirement 9.5 – Physically Secure all Media

Learn more at https://kirkpatrickprice.com/video/pci-requirement-9-5-physically-secure-media/ At your organ...

Next Video
PCI Requirement 9.9 – Protect Devices That Capture Payment Card Data via Direct Physical Interaction
PCI Requirement 9.9 – Protect Devices That Capture Payment Card Data via Direct Physical Interaction

Learn more at https://kirkpatrickprice.com/video/pci-requirement-9-9-protect-devices-capture-payment-card-d...