|
Integrator Notes
Per PCI-DSS 12.3, develop usage policies for critical employee-facing technologies (such as modems and wireless) to define proper use of these technologies for all employees and contractors. Ensure these usage policies require the following:
| • | Explicit management approval |
| • | Authentication for use of the technology |
| • | List of all such devices and personnel with access |
| • | Labeling of devices with owner, contact information, and purpose |
| • | Acceptable uses of the technologies |
| • | Acceptable network locations for the technologies |
|