1.4 - Network Connections Between Trusted and Untrusted Networks Controlled

The PCI DSS 4.0 requirement 1.4 mandates that all network connections linking trusted environments, such as the cardholder-data environment, to untrusted networks be strictly controlled, documented, and limited to only necessary services. Organizations must employ firewalls or segmentation, enforce approved protocols and ports, and continuously monitor these links to prevent unauthorized access.