Payment Card Industry (PCI) Solution

7.1 Limit access to computing resources and cardholder information to only those individuals whose job requires such access.

Access control is an essential element of all Check Point security solutions. Check Point's perimeter, internal, Web, and endpoint solutions allow for the creation of granular access and authorization rules. VPN-1 and InterSpect enforce access policies at the perimeter and on the internal network. Connectra and VPN-1 enforce access policies when providing remote access to users outside the perimeter. Check Point Endpoint Security uses desktop firewall rules and network zones to limit PC access to network resources and segments. These access policies define what resources an individual, group, or department is authorized to view.

Check Point VARs, SIs, and business partners can provide consulting services to help an organization deploy and configure Check Point solutions so cardholder data access is restricted as required in section 7.1.

7.2 Establish a mechanism for systems with multiple users that restricts access based on a user's need to know and is set to "deny all" unless specifically allowed.

Check Point perimeter, internal, and Web solutions provide strong access control measures. Access privileges can be set based on an individual, group, or department need-to-know basis, to ensure that access to system resources, including cardholder information, is limited only to those individuals requiring access. Check Point solutions include the capability to set default access to "deny all" unless specifically authorized by the enterprise administrator.

Check Point VARs, SIs, and business partners can provide consulting services to help an organization define the need to know and user access policies that are enforced by Check Point solutions as part of this requirement.