Requirement 9.1.1 is about effectively managing and maintaining the various policies and procedures specified throughout Requirement 9. While it is important to define the specific policies or procedures called out in Requirement 9, it is equally important to ensure they are properly documented, maintained, and disseminated.
It is important to update policies and procedures as needed to address changes in processes, technologies, and business objectives. For these reasons, consider updating these documents as soon as possible after a change occurs and not only on a periodic cycle.
Security policies define the entity's security objectives and principles. Operational procedures describe how to perform activities, and define the controls, methods, and processes that are followed to achieve the desired result in a consistent manner and in accordance with policy objectives.
If roles and responsibilities are not formally assigned, personnel may not be aware of their day-to-day responsibilities and critical activities may not occur.
Roles and responsibilities may be documented within policies and procedures or maintained within separate documents. As part of communicating roles and responsibilities, entities can consider having personnel acknowledge their acceptance and understanding of their assigned roles and responsibilities.
A method to document roles and responsibilities is a responsibility assignment matrix that includes who is responsible, accountable, consulted, and informed (also called a RACI matrix).
Physical access controls at facility entry points help prevent unauthorized individuals from gaining access to areas where cardholder data is stored, processed, or transmitted. Without proper controls, unauthorized persons could physically access systems and data.
Entry controls should include measures such as badge readers, biometric scanners, or security personnel. Visitor management procedures should be in place to control access by non-employees.
Individual physical access to sensitive areas should be monitored to detect unauthorized access attempts. Monitoring physical access points helps identify security incidents and provides evidence for investigations.
Video cameras, access control mechanisms, or other measures should be used to monitor access to sensitive areas. Monitoring data should be retained for a sufficient period to support investigations.
Physical security controls in sensitive areas help protect systems and data from unauthorized access, tampering, or theft. Network jacks, wireless access points, and other network infrastructure in public areas could be exploited by attackers.
Restrict physical access to publicly accessible network jacks, wireless access points, gateways, and handheld devices. Unused network jacks should be disabled. Wireless access points should be physically secured to prevent tampering.
Restricting physical access to wireless access points, gateways, and networking devices prevents unauthorized individuals from tampering with or connecting unauthorized devices to the network.
Network devices and access points should be placed in locked areas or enclosures. Access to these areas should be controlled and monitored.
Physical access to consoles and systems in sensitive areas must be restricted to prevent unauthorized use. An individual who gains physical access to a system console may be able to bypass the logical access controls that protect it.
System consoles should be physically secured in locked areas. Screen lock should be enabled to prevent unauthorized use when personnel step away from the console.
Controlling physical access for personnel to sensitive areas based on their job function helps ensure that only authorized individuals can access areas where cardholder data is stored, processed, or transmitted. This reduces the risk of unauthorized access.
Physical access should be granted based on the individual's job function and need to access the area. Access rights should be reviewed periodically and revoked when no longer needed.
Physical access to sensitive areas should be reviewed periodically to identify and revoke access that is no longer needed. Without periodic reviews, individuals may retain physical access after they no longer require it.
Physical access rights should be reviewed at least every six months. Reviews should verify that all individuals with access still have a business need for that access. Access should be revoked for individuals who no longer need it.
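The review described above can be partly automated by reconciling the badge system's access grants against the HR roster and a job-function authorization matrix. The following is an added example, not part of the PCI DSS guidance; the grant and roster records, the area names, the job functions and the six-month threshold (taken as 183 days) are all constructed for illustration.

```python
from datetime import date, timedelta

# "At least every six months": a grant not re-reviewed within this window is overdue.
REVIEW_INTERVAL = timedelta(days=183)

# Hypothetical matrix: which job functions have a business need for each sensitive area.
AREA_AUTHORIZATION = {
    "data-center": {"datacenter-ops", "network-engineer"},
    "media-vault": {"datacenter-ops", "backup-admin"},
}

# Constructed badge-system export: one grant per (person, area).
SAMPLE_GRANTS = [
    {"person_id": "E100", "area": "data-center", "last_reviewed": date(2024, 1, 15)},
    {"person_id": "E101", "area": "media-vault", "last_reviewed": date(2023, 11, 1)},
    {"person_id": "E102", "area": "data-center", "last_reviewed": date(2024, 3, 1)},
    {"person_id": "E103", "area": "media-vault", "last_reviewed": date(2023, 12, 1)},
]

# Constructed HR roster: the authoritative source for employment status and job function.
SAMPLE_ROSTER = [
    {"id": "E100", "job_function": "datacenter-ops", "status": "active"},
    {"id": "E101", "job_function": "backup-admin", "status": "terminated"},
    {"id": "E102", "job_function": "accounting", "status": "active"},
    {"id": "E103", "job_function": "backup-admin", "status": "active"},
]


def review_physical_access(grants, roster, area_authorization, today):
    """Reconcile physical access grants against HR data and the authorization matrix.

    Returns a list of findings, each a dict with person_id, area, action
    ("revoke" or "review") and a reason. Grants that pass all checks produce
    no finding.
    """
    roster_by_id = {person["id"]: person for person in roster}
    findings = []
    for grant in grants:
        person = roster_by_id.get(grant["person_id"])
        finding = {"person_id": grant["person_id"], "area": grant["area"]}

        # Leavers and unknown identities never retain physical access.
        if person is None or person["status"] != "active":
            finding.update(action="revoke", reason="not an active employee in HR roster")
            findings.append(finding)
            continue

        # Access must follow job function: no business need means revoke.
        allowed_functions = area_authorization.get(grant["area"], set())
        if person["job_function"] not in allowed_functions:
            finding.update(action="revoke",
                           reason=f"job function '{person['job_function']}' has no need for area")
            findings.append(finding)
            continue

        # Still authorized, but the six-month review window has lapsed.
        if today - grant["last_reviewed"] > REVIEW_INTERVAL:
            finding.update(action="review", reason="last review older than six months")
            findings.append(finding)
    return findings


def revocation_list(findings):
    """Distinct (person_id, area) pairs the badge system should have removed."""
    return sorted({(f["person_id"], f["area"]) for f in findings if f["action"] == "revoke"})


def run_sample(today=date(2024, 6, 30)):
    """Run the review over the constructed sample data as of a fixed date."""
    return review_physical_access(SAMPLE_GRANTS, SAMPLE_ROSTER, AREA_AUTHORIZATION, today)


if __name__ == "__main__":
    for f in run_sample():
        print(f"{f['action']:6} {f['person_id']} {f['area']}: {f['reason']}")
```

Feeding the badge system's revocation list back through a ticketing step gives the documented evidence that the review was performed and acted on.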
Visitor access to facilities and sensitive areas must be controlled to prevent unauthorized individuals from gaining access to cardholder data environments. Without visitor controls, unauthorized persons could gain physical access to systems and data.
Visitors should be authorized before entering, escorted at all times in sensitive areas, identified with a badge or other identifier, and have their visit logged. Visitor badges should be visually distinguishable from employee badges.
Visitor badges or identification help distinguish visitors from authorized personnel and help ensure that visitors are identified and monitored while on the premises. Proper badge management prevents unauthorized individuals from retaining access after their visit.
Visitor badges should be surrendered or deactivated before the visitor leaves the facility. Badges should clearly indicate visitor status and should expire after the visit period.
A visitor log provides a physical audit trail of visitor activity. This log can be used to investigate security incidents and to verify that visitor access controls are being followed.
The visitor log should record the visitor's name, the organization represented, the onsite personnel authorizing physical access, and the date and time of the visit. Visitor logs should be retained for at least three months.
Media containing cardholder data must be physically secured to prevent unauthorized access, theft, or loss. Without proper physical security, media can be removed from the facility and the data compromised.
Media should be stored in a secure location with limited access. Backup media should be stored in a secure, off-site location. Media storage areas should be inventoried periodically.
Offline media backups containing cardholder data must be stored securely to prevent unauthorized access. If backup media is not properly secured, it could be stolen or accessed by unauthorized individuals.
Backup media should be stored in a secure, off-site location. The storage location should have physical access controls comparable to those at the primary site. Media should be inventoried periodically.
Classifying media by sensitivity helps organizations apply appropriate security controls based on the level of sensitivity of the data on the media. Without classification, sensitive media may not receive adequate protection.
Media should be classified according to the sensitivity of the data it contains. Labels or markings should be used to indicate the classification level. Personnel should be trained on how to handle media of different classification levels.
Media sent outside the facility is at increased risk of interception, theft, or loss during transit. Using secured courier or other delivery methods that can be accurately tracked helps maintain the security of the media during transport.
Media should be sent via secured courier or other delivery method that provides tracking capability. Management should approve all media that is sent outside the facility. The delivery tracking information should be retained.
Without proper records of media movement, the location of media may become unknown, making it impossible to account for all media containing cardholder data. Maintaining logs helps ensure that media is tracked and can be located at all times.
A log should be maintained for all media sent outside the facility, including the date, the sender, the recipient, and the business reason for the transport. The log should be reviewed periodically to ensure completeness.
Maintaining an inventory of electronic media containing cardholder data helps ensure that all such media is accounted for and protected. Without an inventory, media may be lost or stolen without detection.
An inventory of all electronic media containing cardholder data should be maintained and updated regularly. The inventory should include the location, classification, and custodian of each piece of media. Periodic inventory checks should be performed.
Periodic inventories of electronic media help detect missing or misplaced media that could indicate theft or loss. Regular inventory verification supports timely detection and response to media-related security incidents.
Inventories should be conducted at a frequency defined by the entity's targeted risk analysis. Discrepancies should be investigated and resolved promptly.
Media that is no longer needed must be securely destroyed to prevent the data from being recovered. If media is not properly destroyed, cardholder data could be retrieved from discarded media.
Media should be destroyed using methods that ensure the data cannot be reconstructed, such as cross-cut shredding, incineration, or degaussing. The destruction method should be appropriate for the type of media. Destruction should be documented.
Methods for destroying media include cross-cut shredding for paper media, degaussing for magnetic media, and physical destruction or secure erasure for electronic media.
Hard-copy materials containing cardholder data that are not properly destroyed could be retrieved from trash or recycling. Cross-cut shredding, incineration, or other approved methods help ensure the data cannot be recovered.
Hard-copy materials should be cross-cut shredded, incinerated, or pulped so they cannot be reconstructed. Destruction should take place in a secure area. Third-party destruction services should be monitored and verified.
Electronic media containing cardholder data must be destroyed so that the data is unrecoverable. Standard deletion or formatting is not sufficient because data can often be recovered from media that has been formatted or had files deleted.
Electronic media should be rendered unrecoverable through secure erasure software, degaussing, or physical destruction. The method used should be appropriate for the type of media and should follow industry-accepted standards.
Media containing cardholder data must be physically secured to prevent unauthorized access, theft, or loss. Without proper physical security, media can be removed from the facility and the data compromised.
Media should be stored in a secure location with limited access. Backup media should be stored in a secure, off-site location. Media storage areas should be inventoried periodically.
Offline media backups containing cardholder data must be stored securely to prevent unauthorized access. If backup media is not properly secured, it could be stolen or accessed by unauthorized individuals.
Backup media should be stored in a secure, off-site location. The storage location should have physical access controls comparable to those at the primary site. Media should be inventoried periodically.
Classifying media by sensitivity helps organizations apply appropriate security controls based on the level of sensitivity of the data on the media. Without classification, sensitive media may not receive adequate protection.
Media should be classified according to the sensitivity of the data it contains. Labels or markings should be used to indicate the classification level. Personnel should be trained on how to handle media of different classification levels.
Media sent outside the facility is at increased risk of interception, theft, or loss during transit. Using secured courier or other delivery methods that can be accurately tracked helps maintain the security of the media during transport.
Media should be sent via secured courier or other delivery method that provides tracking capability. Management should approve all media that is sent outside the facility. The delivery tracking information should be retained.
Without proper records of media movement, the location of media may become unknown, making it impossible to account for all media containing cardholder data. Maintaining logs helps ensure that media is tracked and can be located at all times.
A log should be maintained for all media sent outside the facility, including the date, the sender, the recipient, and the business reason for the transport. The log should be reviewed periodically to ensure completeness.
Maintaining an inventory of electronic media containing cardholder data helps ensure that all such media is accounted for and protected. Without an inventory, media may be lost or stolen without detection.
An inventory of all electronic media containing cardholder data should be maintained and updated regularly. The inventory should include the location, classification, and custodian of each piece of media. Periodic inventory checks should be performed.
Periodic inventories of electronic media help detect missing or misplaced media that could indicate theft or loss. Regular inventory verification supports timely detection and response to media-related security incidents.
Inventories should be conducted at a frequency defined by the entity's targeted risk analysis. Discrepancies should be investigated and resolved promptly.
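The transfer log and periodic inventory reconciliation described above, as an added illustration that is not PCI SSC text or code: a small Python model of the inventory (location, classification, custodian), the off-site transfer log (date, sender, recipient, business reason, approval, tracking), and a check that surfaces missing, misplaced and unexpected media together with transfers that lack approval or tracking. All records and identifiers are constructed.

```python
"""Reconcile a media inventory against a physical count and a transfer log.
Added illustration; not PCI SSC material. Every record below is constructed."""
from dataclasses import dataclass, field
from datetime import date
from typing import Dict, List, Optional, Tuple


@dataclass
class MediaItem:
    """One inventory entry: what the media is, where it is, who is responsible."""
    media_id: str
    classification: str    # sensitivity label marked on the media
    location: str          # location recorded in the inventory
    custodian: str


@dataclass
class TransferRecord:
    """One line of the log kept for media sent outside the facility."""
    media_id: str
    sent_on: date
    sender: str
    recipient: str
    business_reason: str
    destination: str
    approved_by: Optional[str] = None       # management approval; None = none recorded
    tracking_number: Optional[str] = None   # courier tracking; None = none retained


@dataclass
class ReconciliationReport:
    missing: List[str] = field(default_factory=list)      # expected, not found anywhere
    unexpected: List[str] = field(default_factory=list)   # found, but not in the inventory
    misplaced: Dict[str, Tuple[str, str]] = field(default_factory=dict)  # id -> (expected, seen)
    transfer_violations: List[str] = field(default_factory=list)

    @property
    def clean(self) -> bool:
        return not (self.missing or self.unexpected
                    or self.misplaced or self.transfer_violations)


def validate_transfer(rec: TransferRecord) -> List[str]:
    """Check that a transfer record carries the approval and tracking the log must retain."""
    problems = []
    if not rec.approved_by:
        problems.append(f"{rec.media_id}: sent outside the facility without management approval")
    if not rec.tracking_number:
        problems.append(f"{rec.media_id}: no delivery tracking information retained")
    if not rec.business_reason.strip():
        problems.append(f"{rec.media_id}: business reason for transport not recorded")
    return problems


def reconcile(inventory: Dict[str, MediaItem], transfers: List[TransferRecord],
              physical_count: Dict[str, str]) -> ReconciliationReport:
    """Compare where media should be (inventory plus logged transfers) with where it was seen.
    physical_count maps media_id -> location observed during the periodic check."""
    report = ReconciliationReport()
    expected = {m.media_id: m.location for m in inventory.values()}
    for rec in transfers:
        report.transfer_violations.extend(validate_transfer(rec))
        if rec.media_id not in inventory:
            report.transfer_violations.append(
                f"{rec.media_id}: transfer logged for media that is not in the inventory")
            continue
        expected[rec.media_id] = rec.destination   # after a logged transfer it belongs there
    for media_id, loc in expected.items():
        observed = physical_count.get(media_id)
        if observed is None:
            report.missing.append(media_id)
        elif observed != loc:
            report.misplaced[media_id] = (loc, observed)
    report.unexpected = sorted(m for m in physical_count if m not in expected)
    report.missing.sort()
    return report


# Constructed sample records (hypothetical identifiers, not from any real entity).
INVENTORY = {
    "TAPE-001": MediaItem("TAPE-001", "Confidential (CHD)", "Vault A", "backup-ops"),
    "TAPE-002": MediaItem("TAPE-002", "Confidential (CHD)", "Vault A", "backup-ops"),
    "USB-007": MediaItem("USB-007", "Confidential (CHD)", "Cabinet 3", "finance-lead"),
}
TRANSFERS = [
    TransferRecord("TAPE-002", date(2024, 3, 4), "backup-ops", "Offsite Vault Ltd",
                   "weekly off-site rotation", "Offsite Vault",
                   approved_by="ops-manager", tracking_number="TRK-CONSTRUCTED-0001"),
    # Sent with neither approval nor a tracking number: the log review must flag it.
    TransferRecord("USB-007", date(2024, 3, 5), "finance-lead", "Branch office",
                   "audit sample", "Branch office"),
]
# Periodic physical check: TAPE-002 confirmed off-site, USB-007 not found anywhere,
# and TAPE-009 found in the vault without any inventory entry.
PHYSICAL_COUNT = {"TAPE-001": "Vault A", "TAPE-002": "Offsite Vault", "TAPE-009": "Vault A"}

if __name__ == "__main__":
    rep = reconcile(INVENTORY, TRANSFERS, PHYSICAL_COUNT)
    print("missing:", rep.missing, "unexpected:", rep.unexpected, "misplaced:", rep.misplaced)
    print("transfer violations:", rep.transfer_violations)
```

Each discrepancy the report lists is an item for investigation, not a conclusion; a clean report only means the records and the count agree.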
Media that is no longer needed must be securely destroyed to prevent the data from being recovered. If media is not properly destroyed, cardholder data could be retrieved from discarded media.
Media should be destroyed using methods that ensure the data cannot be reconstructed, such as cross-cut shredding, incineration, or degaussing. The destruction method should be appropriate for the type of media. Destruction should be documented.
Methods for destroying media include cross-cut shredding for paper media, degaussing for magnetic media, and physical destruction or secure erasure for electronic media.
Hard-copy materials containing cardholder data that are not properly destroyed could be retrieved from trash or recycling. Cross-cut shredding, incineration, or other approved methods help ensure the data cannot be recovered.
Hard-copy materials should be cross-cut shredded, incinerated, or pulped so they cannot be reconstructed. Destruction should take place in a secure area. Third-party destruction services should be monitored and verified.
Electronic media containing cardholder data must be destroyed so that the data is unrecoverable. Standard deletion or formatting is not sufficient because data can often be recovered from media that has been formatted or had files deleted.
Electronic media should be rendered unrecoverable through secure erasure software, degaussing, or physical destruction. The method used should be appropriate for the type of media and should follow industry-accepted standards.
Media containing cardholder data must be physically secured to prevent unauthorized access, theft, or loss. Without proper physical security, media can be removed from the facility and the data compromised.
Media should be stored in a secure location with limited access. Backup media should be stored in a secure, off-site location. Media storage areas should be inventoried periodically.
Offline media backups containing cardholder data must be stored securely to prevent unauthorized access. If backup media is not properly secured, it could be stolen or accessed by unauthorized individuals.
Backup media should be stored in a secure, off-site location. The storage location should have physical access controls comparable to those at the primary site. Media should be inventoried periodically.
Backup media should be stored in a secure, off-site location. The storage location should have physical access controls comparable to those at the primary site. Media should be inventoried periodically.
Classifying media by sensitivity helps organizations apply appropriate security controls based on the level of sensitivity of the data on the media. Without classification, sensitive media may not receive adequate protection.
Media should be classified according to the sensitivity of the data it contains. Labels or markings should be used to indicate the classification level. Personnel should be trained on how to handle media of different classification levels.
Media sent outside the facility is at increased risk of interception, theft, or loss during transit. Using secured courier or other delivery methods that can be accurately tracked helps maintain the security of the media during transport.
Media should be sent via secured courier or other delivery method that provides tracking capability. Management should approve all media that is sent outside the facility. The delivery tracking information should be retained.
Without proper records of media movement, the location of media may become unknown, making it impossible to account for all media containing cardholder data. Maintaining logs helps ensure that media is tracked and can be located at all times.
A log should be maintained for all media sent outside the facility, including the date, the sender, the recipient, and the business reason for the transport. The log should be reviewed periodically to ensure completeness.
Maintaining an inventory of electronic media containing cardholder data helps ensure that all such media is accounted for and protected. Without an inventory, media may be lost or stolen without detection.
An inventory of all electronic media containing cardholder data should be maintained and updated regularly. The inventory should include the location, classification, and custodian of each piece of media. Periodic inventory checks should be performed.
Periodic inventories of electronic media help detect missing or misplaced media that could indicate theft or loss. Regular inventory verification supports timely detection and response to media-related security incidents.
Inventories should be conducted at a frequency defined by the entity's targeted risk analysis. Discrepancies should be investigated and resolved promptly.
Media that is no longer needed must be securely destroyed to prevent the data from being recovered. If media is not properly destroyed, cardholder data could be retrieved from discarded media.
Media should be destroyed using methods that ensure the data cannot be reconstructed, such as cross-cut shredding, incineration, or degaussing. The destruction method should be appropriate for the type of media. Destruction should be documented.
Methods for destroying media include cross-cut shredding for paper media, degaussing for magnetic media, and physical destruction or secure erasure for electronic media.
Hard-copy materials containing cardholder data that are not properly destroyed could be retrieved from trash or recycling. Cross-cut shredding, incineration, or other approved methods help ensure the data cannot be recovered.
Hard-copy materials should be cross-cut shredded, incinerated, or pulped so they cannot be reconstructed. Destruction should take place in a secure area. Third-party destruction services should be monitored and verified.
Electronic media containing cardholder data must be destroyed so that the data is unrecoverable. Standard deletion or formatting is not sufficient because data can often be recovered from media that has been formatted or had files deleted.
Electronic media should be rendered unrecoverable through secure erasure software, degaussing, or physical destruction. The method used should be appropriate for the type of media and should follow industry-accepted standards.
Point-of-interaction (POI) devices that capture payment card data are targets for attackers who may attempt to tamper with or substitute devices to capture cardholder data. Protecting POI devices helps prevent skimming and other attacks.
A list of all POI devices should be maintained, including the make, model, location, and serial number. The list should be kept up to date and verified periodically.
POI devices include point-of-sale (POS) terminals, mobile payment devices, and other devices used to capture payment card data at the point of interaction with the cardholder.
Maintaining an up-to-date list of POI devices helps ensure that all devices are accounted for and can be verified. Without a device list, it would be difficult to detect a substituted or additional unauthorized device.
The device list should include the make and model, location, and serial number of each device. The list should be updated whenever devices are added, removed, or relocated.
Periodic inspection of POI device surfaces helps detect tampering or unauthorized substitution. Skimming devices or other tampering may be difficult to detect without careful inspection.
POI devices should be periodically inspected to detect signs of tampering, such as unexpected attachments, changes in appearance, or broken seals. Personnel should be trained on how to identify signs of device tampering.
Signs of tampering include unexpected attachments or overlays on the device, changes to the serial number or appearance, broken security seals or labels, differences in color or material, and additional wiring or components.
The frequency of POI device inspections should be based on a risk analysis that considers the device's exposure to tampering, its location, and the volume of transactions processed. Higher-risk devices should be inspected more frequently.
A targeted risk analysis should be performed to determine the appropriate inspection frequency for each device or group of devices. Factors to consider include the device's physical accessibility, the level of supervision, and any history of tampering in the area.
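The device list and inspection passages above describe what to record and what to look for; the following is an added example, not part of the original guidance text, that reconciles a maintained POI device list against the serial numbers an inspector actually found, flagging missing, relocated, unknown and possibly substituted devices as well as inspections that are overdue for their risk tier. The device records, locations, serial numbers and per-tier intervals are constructed for illustration, and the same reconciliation pattern serves the electronic media inventory passage earlier on this page.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Days allowed between inspections per risk tier. These values are constructed
# for the example; the entity's targeted risk analysis sets the real frequency.
INSPECTION_INTERVAL_DAYS = {"high": 7, "medium": 30, "low": 90}


@dataclass(frozen=True)
class PoiDevice:
    serial: str
    make_model: str
    location: str
    risk_tier: str
    last_inspected: date


def reconcile(device_list, observed, today):
    """Compare the device list with an inspection walk-through's results.
    observed maps location -> set of serials seen there; returns sorted findings.
    """
    findings = []
    known = {d.serial for d in device_list}
    seen_anywhere = set().union(*observed.values())
    gap_locations = set()  # locations where an expected device was not found
    for dev in device_list:
        if dev.serial not in observed.get(dev.location, set()):
            gap_locations.add(dev.location)
            kind = "relocated" if dev.serial in seen_anywhere else "missing"
            findings.append((kind, dev.serial, dev.location))
        due = dev.last_inspected + timedelta(days=INSPECTION_INTERVAL_DAYS[dev.risk_tier])
        if today > due:
            findings.append(("inspection_overdue", dev.serial, dev.location))
    for location, serials in observed.items():
        for serial in serials - known:
            # An unlisted serial where a listed device is absent is the classic swap pattern.
            kind = "possible_substitution" if location in gap_locations else "unknown_device"
            findings.append((kind, serial, location))
    return sorted(findings)


# Constructed sample data: the maintained list and one day's inspection results.
TODAY = date(2024, 6, 1)
DEVICE_LIST = [
    PoiDevice("SN-1001", "Acme P200", "Lane 1", "high", date(2024, 5, 28)),
    PoiDevice("SN-1002", "Acme P200", "Lane 2", "high", date(2024, 5, 10)),
    PoiDevice("SN-1003", "Acme P200", "Lane 3", "low", date(2024, 4, 1)),
    PoiDevice("SN-2001", "Acme M10", "Curbside", "medium", date(2024, 5, 20)),
]
OBSERVED = {
    "Lane 1": {"SN-1001"},
    "Lane 2": {"SN-9999"},             # listed SN-1002 gone, unlisted serial in its place
    "Lane 3": {"SN-1003", "SN-1004"},  # an extra device nobody inventoried
}                                      # Curbside: SN-2001 not found anywhere

if __name__ == "__main__":
    print(*reconcile(DEVICE_LIST, OBSERVED, TODAY), sep="\n")
```

Every finding is a follow-up item for the inventory owner: a "missing" or "possible_substitution" entry at a lane is exactly the case the device list exists to surface.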
Training personnel who interact with POI devices helps them recognize signs of tampering or substitution. Without awareness training, tampered or substituted devices may go undetected for extended periods.
Training should include how to verify device identity, how to recognize signs of tampering, and how to report suspicious behavior. Personnel should be aware of the risks of device tampering and the importance of prompt reporting.