ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    PCI compliance

    IT Discussion
    pci pci compliance
    3
    3
    587
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • DashrenderD
      Dashrender
      last edited by

      Anyone here deal with PCI Compliance?

      Section 8: Are policies and procedures for user identification management controls defined and in place for non-consumer users and administrators on all system components, as follows:

      Does this mean any and all systems that are involved when taking a CC payment? i.e. you use a web browser to enter CC number into our processor's website, we maintain no record of the card number, but these restrictions apply to anything on the PC and anything it touches?

      8.2.4 Are user passwords/passphrases changed at least once every 90 days?

      Assuming the all components as described above, PCI requires that users change their Windows passwords every 90 days?

      travisdh1T 1 Reply Last reply Reply Quote 0
      • travisdh1T
        travisdh1 @Dashrender
        last edited by

        @Dashrender Yep. Just one reason why PCI isn't about security, it's about passing the blame.

        BRRABillB 1 Reply Last reply Reply Quote 2
        • BRRABillB
          BRRABill @travisdh1
          last edited by

          @travisdh1 said in PCI compliance:

          @Dashrender Yep. Just one reason why PCI isn't about security, it's about passing the blame.

          Can also replace PCI with HIPPA here and it stays true.

          1 Reply Last reply Reply Quote 2
          • 1 / 1
          • First post
            Last post