• Upgrade OpenSSH version for PCI compliance in CentOS

    I'm currently running CentOS 5.7 and I need to upgrade my OpenSSH to the latest version for PCI compliance issues. But I'm only seeing 4.3p2 as the most recent version through the CentOS yum repository. How can I update to the latest version?

    ITKE371,585 pointsBadges:
  • PCI audit for domain administrators

    Our client is currently a Tier 1 PCI company and our auditor made a suggestion in regards to us as System Administrators / access rights. Right now, our entire Windows infrastructure is about 700 desktops and 80 servers, along with 10 domain controllers. Now, they're saying we should move to a...

    ITKE371,585 pointsBadges:
  • Return using another SAP platform

    A year or so ago an expensive material was shipped to another country. Now the country wants to ship it back but the part of the company that entered the order doesn't want process the return nor give a credit to the customer. It is against SOX guidelines to enter a PO in another SAP platform and...

    soxquestions1235 pointsBadges:
  • Antivirus software on DNS Linux servers for PCI compliance

    In a recent PCI DSS audit, we need to install antivirus software on our DNS servers that are running Linux. The servers weren't compromised but this was recommended. Should we go ahead and do this? If we should, which antivirus should we go with?

    ITKE371,585 pointsBadges:
  • Password policies on Google Compute Platform for PCI DSS compliance

    Would there happen to be a way to set password policies for accounts on Google Compute Platform? I'm trying to meet PCI DSS requirements. I need to include expiring passwords every four months or so, password strength and preventing re-use of passwords. Thanks!

    ITKE371,585 pointsBadges:
  • Upgrade Apache version for PCI compliance

    For PCI compliance, I'm required to upgrade from Apache 2.2.15 to 2.2.19 on CentOS. Here's what I tried so far: yum update httpd yum install httpd-2.2.29 But it keeps telling me that there's no package available. Like I said, I have to fix this for PCI compliance since there's a vulnerability. What...

    ITKE371,585 pointsBadges:
  • PostgreSQL scrubbing for PCI compliance

    Does anyone know if there's an easy add-on or open source software to do replication on PostgreSQL so we have the data inside be scrubbed for PCI compliance while being replicated? I'm also looking for an instant offering (no lag).

    ITKE371,585 pointsBadges:
  • Authorize.NET API for PCI compliance

    Has anyone ever used Authorize.NET API for PCI compliance? I understand the API requires SSL but does the TOS agreement also require PCI compliance or another certification? I'm not storing credit card information. Thank you very much!

    ITKE371,585 pointsBadges:
  • Rotate keys in SQL Server encryption for PCI compliance

    I understand that PCI compliance needs an annual rotation of keys. It's for decrypting your data, followed by re-encrypting it with a new key. So we have around 16 databases that are across 3 servers and multiple tables. It's only going to get bigger. Could I write something for this? Or should I...

    ITKE371,585 pointsBadges:
  • PCI compliant for secure payment service

    We're using a payment service that has a secure link where the actual payment from data will be posted. This is what the form will contain: Customer information Billing information Credit Card information Should the form be hosted on the secure site as well? A friend of mine told me that as long as...

    ITKE371,585 pointsBadges:
  • Key management for PCI DSS compliance

    Sorry for the short question but does anyone have any experience with a scheme that implements a key management scheme what complies with PCI DSS security standards? Thanks so much!

    ITKE371,585 pointsBadges:
  • WPF control assembly for PCI compliance

    We have a WPF application that's integrated with credit card processing information. We have the info swiped into a WPF web browser for PCI compliance. Our browser is PCI compliant and our code never deals with the credit information. But now we're trying to have a stand-alone PCI compliant WPF...

    ITKE371,585 pointsBadges:
  • PCI compliance for e-commerce website on Rackspace cloud servers

    We're making an e-commerce website that's going to be in Rackspace cloud servers. Are there any requirements in regards to PCI compliance? As long as we have a working SSL certificate, along with not storing credit card info...we should be all set right? Thank you.

    ITKE371,585 pointsBadges:
  • OpenSSH on OS X for PCI compliance

    Our current version of OpenSSH on OS X is not PCI compliant. We need to upgrade it but it hasn't been working well. I did this first: brew tap homebrew/dupes brew install openssh It worked but when I tried which shh, I get this: /usr/local/bin/ssh That's fine too but our Port 22 is still using the...

    ITKE371,585 pointsBadges:
  • ASP.NET membership provider for PCI compliance

    Hello, I've noticed over the past few weeks that my ASP.NET membership provider / tables isn't PCI compliant. I'm wondering if anyone has implemented the provider that's PCI compliant. Does anyone have some experience? Thanks!

    ITKE371,585 pointsBadges:
  • Is my web application PCI compliant?

    We have a web application and it receives credit card information that's transmitted through a POST request by a web browser over HTTPS. It also opens a socket to our remote PCI compliant card processor to forward the data and wait for a response. Is that PCI compliant? Thank you!

    ITKE371,585 pointsBadges:
  • PCI compliant for my payment gateway

    I've been thinking about using eWay for my payment gateway. But it offers two options: A user can either type in their credit card information on the hosted website or they can use my own form / send the data though my server to the back end. I'm leaning towards using the second option. I spoke to...

    ITKE371,585 pointsBadges:
  • PCI DSS restrictions for source code repository management

    Are there any restrictions when it comes to source code repository management under PCI DSS? This is our related to our credit card processing service for clients. Thanks!

    ITKE371,585 pointsBadges:
  • PayPal link: Is it PCI compliant?

    We're tying to build a website using Payflow link, where credit card processing is handled on Paypal hosted pages. But I'm thinking of implementing the advanced integration method, where our customers input their info on a form by my server. The form then gets posted over a SSL directly to Paypal's...

    ITKE371,585 pointsBadges:
  • How to make my website PCI compliant

    Here's what I have: I'm using a payment gateway for my website and so I provide my own credit card details form and send data to the back end through XML. Should I need to worry about PCI compliance? As long as my website is on SSL, I don't have to worry right? Thanks!

    ITKE371,585 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.