PCI DSS has always required that any untrusted, remote access into the cardholder data environment use multi-factor authentication. Now version 3.2 takes it one step further.
After more than 10 years in existence, the PCI Data Security Standard (PCI DSS) is globally recognized and accepted as a mature industry standard. It’s most recent iteration — PCI DSS version 3.2 — focuses on confirming that security controls are in place and operating effectively, and that processes are followed throughout the year and not just during the annual validation.
