Benchmark: Requirement 7: Restrict access to cardholder data by business need to know
Description
To ensure critical data can only be accessed by authorized personnel, systems and processes must be in place to limit access based on need to know and according to job responsibilities.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select Requirement 7: Restrict access to cardholder data by business need to know.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.pci_dss_v321_requirement_7Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.pci_dss_v321_requirement_7 --shareBenchmarks
- 7.1 Limit access to system components and cardholder data to only those individuals whose job requires such access
- 7.2 Examine system settings and vendor documentation to verify that an access control system(s)