Identify the systems and networks that store or transmit cardholder
information. Isolate those behind state firewalls.
Label everything else as public networks. Now only the isolated
network(s) and serer(s) have to comply with PCI.
Once you have policies in place your systems and networks have t
CISP compliance is more about policy and practices than about software.
--On August 20, 2007 6:14:36 PM -0500 Jonathan Wilson <[EMAIL PROTECTED]> wrote:
Sorry if this is the wrong place for this, but:
Does anyone know of a place I can get information on setting up CISP
(VISA credi
Hi Jonathan.
My company just got PCI certified (we're on our way to CISP). From what
I've discovered through the process of getting PCI-certified, most of
the work has to do with creating policies, and doing a lot of social
engineering to enforce and maintain those policies.
`
Beaurocracy aside, m
On 8/20/07, Jonathan Wilson <[EMAIL PROTECTED]> wrote:
> Sorry if this is the wrong place for this, but:
>
> Does anyone know of a place I can get information on setting up CISP (VISA
> credit card) compliant Debian systems - or Linux in general, if there's no
> Debian-specific info. I've been sear
Sorry if this is the wrong place for this, but:
Does anyone know of a place I can get information on setting up CISP (VISA
credit card) compliant Debian systems - or Linux in general, if there's no
Debian-specific info. I've been searching the web for a couple hours and I
don't know if I'm sear
5 matches
Mail list logo
