Chris suggested that I post my message to him on the mail list. His response is included. I do not do retail but some of you might find this of value.
Regards, Rich ---------- Forwarded message ---------- On Tue, Jul 8, 2014 at 6:12 AM, Rich Shepard <rshep...@appl-ecosys.com> wrote: > I don't know if you follow Brian Krebs' blog, www.krebsonsecurity.com, > but you might consider doing so. His focus is on consumer/retailer fraud > such as ATM skimmers and stolen credit/debit card data. A number of thefts > (Target, Sally Beauty Supply, JC Chang's restaurants, car washes, etc.) > involve malware inserted in point of sale systems. If LedgerSMB has > retailers using such systems in front of your software it might be good if > you folks helped protect their customers' data by making them aware of the > problems and the available solutions. Those are good points. Plus you have the evolution of PCI compliance in response to such incidents. This is a very complicated topic, and I have usually directed people to the PCI Standards as the first place to start reading. The question of malware is also something which has received additional scrutiny in more recent versions of the standards but that's not the only area. For most of our users, I think recommending dedicated dial-in terminals for credit card processing really is the best way (i.e. avoid the PCI compliance and theft/malware concern regarding credit cards entirely). Maybe it would be a good point to bring this up on list? Chris Travers ------------------------------------------------------------------------------ Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft _______________________________________________ Ledger-smb-users mailing list Ledger-smb-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ledger-smb-users
