1
  • PCI compliance 1.4(b) on personal firewalls

    Requirement 1.4(b) asks if personal firewall software is not alterable by employee-owned computer users. If we allow employees to alter their personal firewall software settings, what other compensating controls could we implement in order to meet satisfy the objective of this requirement?

    Eb100255 pointsBadges:
  • PCI-DSS Scope minimization

    i am trying to prepare a methodology on how to implement PCI-DSS.i prepared my scope but now i want to know what are the exact steps which one would have to follow to SHRINK OR MINIMIZE SCOPE. can someone help me. Thank you

    Ritik5 pointsBadges:
  • Securely accepting credit card payments face-to-face?

    I've been tasked with finding a low-overhead way of taking credit cards for a one-time event. Most people are hopefully paying in advance via PayPal, and I'm wondering if anyone has tried just setting up a laptop (monitored by an employee) to take credit card payments in person before? Any other...

    Michael Morisy8,323 pointsBadges:
  • How soon is PCI scan required on new application?

    Hello, The larger team I work in is about to release a new ecommerce website that allows the secure storage and usage of personal and corporate credit cards. As far as system components go, the payment card info. is stored securely in Oracle and the DB itself is in the private network behind a...

    U00bka5 pointsBadges:
  • Secure file deletion on an iSeries

    How can I perform a secure file deletion on an iSeries system, as per a secure file deletion on a PC? The PCI police are chasing me for an answer, but I'm not convinced its possible/necessary.

    Rpm40 pointsBadges:
  • PCI Complaince

    How does one become credited to do audits for PCI compliance .. what are the steps to be followed .. Does anyone know or understand the cost .. IS it a comp-any or an individual that gets a certificated or both ? what if the employees leaves does the company stay certified ?

    level5 pointsBadges:
  • Oracle Application Server – how to manage ciphers

    Hello all, A PCI compliance scan of my web server revealed that it allows weak and anonymous ciphers. I set the sslciphersuite entry in the ssl.conf file, but it didn't change anything. Any ideas how to set the allowed ciphers in Oracle AS 10g?

    Barryit5 pointsBadges:
  • NetApp DataFort and PCI Compliance

    Does NetApp DataFort meet current PCI requirements ?

    ClaireS5 pointsBadges:
  • Outside vendor located on premises

    We have an outside vendor located on our premises making credit card sales. If they are not PCI compliant, and/or if their data becomes compromised, what is our liability, considering it will be our shared customer who is affected?

    Patty10 pointsBadges:
  • How to Legally Segment Company with two divisions one PCI-compliant and the other non PCI-Compliant to maintain status.

    We are thinking of acquiring a company which has a product which is not pci compliant. We are PCI-Compliant and want to Legally Segment the company so we can pass next years audit while we work to bring the other division into pci compliance. Would setting up a Holding company with two divsions...

    Maximo5 pointsBadges:
  • firewalls rules according to PCI Compliance

    What are the basic guidelines for firewalls rules according to PCI Compliance?

    FirewallX5 pointsBadges:
  • Need opinions on severity of security risk from vulnerability scan

    We used eEye's Retina Scanner to run a vulnerability scan on a server. A risk was identified which was classed "Low" but the PCI Severity Level was classed as 5 or urgent. The vulnerability was Microsoft Windows optional Subsystems are permitted to operate on the system and the fix was to change a...

    Security Channel ATE15 pointsBadges:
1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following