Sub-Requirement 8.6

8.6 Where other authentication mechanisms are used (for example, physical or logical security tokens, smart cards, certificates, etc.), use of these mechanisms must be assigned as follows (Type - Evolving Requirement):

  • Authentication mechanisms must be assigned to an individual account and not shared among multiple accounts.
  • Physical and/or logical controls must be in place to ensure only the intended account can use that mechanism to gain access.
  • New Requirement: v3.0 November 2013

Illustrative Controls and the TIBCO LogLogic Solution

Personnel need to be aware of and following security policies and operational procedures to ensure systems are protected from malware on a continuous basis.

Reports and Alerts

Use the link/reference to see the 8.6 reports and alerts: 8.6 on page 133.