PCI DSS Requirement 7: Restrict Access Based on Least Privilege and Business Need to Know

You wouldn’t give everybody access to the keys to your kingdom, would you?

I didn’t think so.

It’s important to safeguard cardholder data by restricting access to system components and stored CHD by business need to know.

PCI DSS Requirement 7 is fairly straight forward and easy to understand.

In this course, you’ll learn the following:

  • Least Privilege
  • Business Need to Know
  • 4 Access Control Models
  • Key elements needed in your Access Management Policy
  • Processes, Evidence, and Control Settings

Course Curriculum

Start Next Lesson PCI DSS Requirement 7
Restrict Access to System Components and Cardholder Data by Business Need to Know