Does PCI DSS compliance forbids developers to have local admin rights 开发者_JAVA百科on their PC?
I can't see how it possibly can - unless doing that introduce a risk to the data in your organization (which it might). I guess the answer is 'Sometimes'.
This is just my opinion - I'm not certified in any way
You'll find most workplaces lock down admin rights anyway - it's fairly standard.
One of the main objectives of PCI DSS...
Build and Maintain a Secure Network
Will in the majority of cases include locking down individual machines to prevent admin access, though this doesn't in of itself make your network secure (neither does the inverse preclude this).
PA-DSS 2.0 says that developers should not develop software as an administrator as a good security practice and good development practice. Many users do not have administrative rights so it would make sense that you develop your application to have the least privilege to execute its task.
精彩评论