PCI compliance 1.4(b) on personal firewalls

5 pts.
Tags:
Firewalls
PCI
PCI compliance
PCI Compliance and Acquisitions
Requirement 1.4(b) asks if personal firewall software is not alterable by employee-owned computer users. If we allow employees to alter their personal firewall software settings, what other compensating controls could we implement in order to meet satisfy the objective of this requirement?

Answer Wiki

Thanks. We'll let you know when a new response is added.

for 1.4(b) just to share a little on what i did last time was we didnt allow the users to alter the firewalls on the pc.

but if you want to allow, there needs to be stronger security in other parts (like how its connected to the internet, how information is shared stored, make sure network don’t have virus and etc)..

when we did compensating controls (not for 1.4b) for some of the categories, we actually put ways that we will be able to keep the thing under control with solutions from security point of view

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Spaseman
    Jason - As the company IT associate, I don't have the authority to configure the firewall on employees' personal PC's. Although they do use their personal PC's to connect to our companies intranet, I would assume that their ISP's firewall, our VPN, and our firewall rules would meet the criteria. Is that a fair assumption?
    10 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following