[PCI DSS 3.0] [PCI DSS 3.0] 12.3.7 List of company-approved products

pcinetwork

PCINetwork.org Admin
#1
12.3.7 List of company-approved products

12.3.7 Verify that the usage policies include a list of company-approved products.

By defining acceptable business use and location of company-approved devices and technology,
the company is better able to manage and control gaps in configurations and operational controls, to ensure a “back door” is not opened for a malicious individual to gain access to critical systems and cardholder data.
 
Top