We notice you are visiting from a U.S. Internet provider. 
22/02/2010 -
An intricate payment processing security system can be effective, but if its access controls are lacking, it immediately loses most of its value. As a result, access controls are an important part of PCI compliance, and merchants should take them seriously, reported IT news website eWeek.com.
Access controls are mandated in sections seven and eight of the PCI DSS, the article noted.
To implement the proper access controls, businesses should first audit their current policies to see where their strengths and weaknesses are.
Businesses should also remember when revamping their access controls that they should closely monitor those who are granted access.
"This 'zero trust' access model allows organizations to adhere to PCI mandates, even when dealing with users (such as vendors, outsourced personnel and other third parties) who access systems from unmanaged endpoints," the website noted.
Payment processing magazine the Green Sheet recently gave merchants similar advice, saying that access controls are one of the most important factors in protecting cardholder data.
"There's not much value in having 10 bouncers at the front door of a nightclub with a detailed list of invited guests if a 60-year-old man can walk up and say, 'I'm Paris Hilton. Let me in,' and then be admitted," the magazine reported.
