PCI Requirement 8.5 – Do Not Use Group, Shared, or Generic IDs, or Passwords
PCI Requirement 8.5.1 – Remote Access to Customer Premises Must Use Unique Authentication
PCI Requirement 8: Identify and Authenticate Access to System Components
PCI v4.0 - 8.5.1: Multi-Factor Authentication Systems Are Implemented Appropriately
PCI Readiness Series: Requirement 8
PCI Requirement 12.8.4 and 12.8.5 – Monitor Service Providers’ PCI DSS Compliance Status
PCI Requirement 8.1.5 – Manage IDs Used by 3rd Parties to Access, Support, or Maintain System Comps
PCI Requirement 10 – Track and Monitor all Access to Network Resources and Cardholder Data
PCI Requirement 12.8 – Maintain Policies and Procedures to Manage Service Providers
PCI Requirement 8.3 – Secure All Individual Non-Console Administrative Access
8.5: Manual of CTO PCI - Global Guiding Principles
PCI Requirement 12.8 & 12.8.1 – Manage Service Providers with Cardholder Data Access
PCI Requirement 8.2 – Ensure Proper User-Authentication Management by Something You Know
PCI Requirement 12.3.1 – Explicit Approval by Authorized Parties
PCI Requirement 8.3.1 – Incorporate Multi-Factor Authentication for All Non-Console Access
PCI Requirement 8.2.6 – Set Passwords for First-Time Use and Upon Reset to a Unique Value
PCI Requirement 6.1 – Establish a Process to Identify Security Vulnerabilities
PCI Readiness Series: Penetration Testing
PCI Requirement 10.5.1 – Limit Viewing of Audit Trails to Those with a Job-Related Need
PCI Requirement 12.7 – Screen Personnel Prior to Hire to Minimize the Risk of Attacks
