Kai

Reputation: 39641

PCI compliance and local admin rights

Does PCI DSS compliance forbid developers to have local admin rights on their PC?

Upvotes: 1

Views: 1940

Answers (2)

user195488

PA-DSS 2.0 says that developers should not develop software as an administrator as a good security practice and good development practice. Many users do not have administrative rights so it would make sense that you develop your application to have the least privilege to execute its task.

Upvotes: 0

calumbrodie

Reputation: 4792

I can't see how it possibly can - unless doing that introduces a risk to the data in your organization (which it might). I guess the answer is 'Sometimes'.

This is just my opinion - I'm not certified in any way

You'll find most workplaces lock down admin rights anyway - it's fairly standard.

One of the main objectives of PCI DSS...

Build and Maintain a Secure Network

Will in the majority of cases include locking down individual machines to prevent admin access, though this doesn't in and of itself make your network secure (neither does the inverse preclude this).

Upvotes: 1
