The term “remote access” refers to access to a computer network from a location outside of that network. Examples of remote access include access from the Internet, an “untrusted” network or system, a third party service provider, access from a third party location (such as a business partner or business customer), or access by personnel from a portable computer over the Internet.

Examples of remote access include access from the Internet, an “untrusted” network or system, a third party service provider, access from a third party location (such as a business partner or business customer), or access by personnel from a portable computer over the Internet. Internal company LAN-to-LAN access (for example, two corporate locations connected by VPN within the same entity) is not considered remote access, as both locations are under the control of the same entity. Access Such connections would between two different entities (even if via VPN or private line), such as access involving business customers or third party service providers, is considered remote considered “non-console” access.

As defined in ccess between two different entities (even if via VPCI DSS Requirement 8N or private line), such as access involving business customers or third party service providers, is considered remote access.3, two-factor authentication is required for all remote network access that originates from outside the entity’s own network, where that remote access could lead to access to the cardholder data environment.