Frequently Asked Question

What does “console access” mean for PCI DSS Requirements 8.4.1 and 8.4.2?

Console access refers to a system with a direct physical connection to another system component, where that connection does not rely on a networked connection (meaning that access is from the “console” to the system component via a physical cable). Console access is a mechanism typically used by system administrators, to connect via physical cable to a system component that resides in the CDE or sensitive area for purposes of managing that system (for example, editing a sensitive configuration file on that system component). This is considered a more secure form of access because it cannot be easily intercepted by an unauthorized user.

Console access does not include situations where the system is used to access other system components over a networked connection. For example, access via a laptop or workstation using a physically connected keyboard is not considered “console access” if that system requires a networked connection to access any other system component.

May 2024
Article Number: 1577

Featured FAQ Articles