Thanks Erik, I appreciate the response.
Thomas From: Erik Goldoff [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 09, 2008 9:49 AM To: NT System Admin Issues Subject: RE: pci compliance Well, if things are still the same, level 4 merchants are only required to perform a self-audit, the higher you are on the merchant levels, the more stringent the requirements and deadlines. ________________________________ From: Benjamin Zachary - Lists [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 08, 2008 5:27 PM To: NT System Admin Issues Subject: RE: pci compliance I have found that even the free cisecurity.org tools run on each server is a great place to start. A 50 page report on each server with all its pass/fails. I think the free one even offers you the regkey fixes, or mskb to fix each issue. Documentation is key. Im not sure what the different levels are/mean although I have heard some talk about them with my clients and their respective auditor. A lot of the information will also come from the auditor once you pick a company they normally send you a lot of information to help get you going in the right direction. Maybe at your level you don't require an on-site audit. The ones I do have a 3rd party auditor authorized by Visa/MC to come onsite every year, and also do pen tests every quarter. No virus found in this incoming message. Checked by AVG. Version: 7.5.519 / Virus Database: 269.22.9/1365 - Release Date: 4/8/2008 7:30 AM No virus found in this outgoing message. Checked by AVG. Version: 7.5.519 / Virus Database: 269.22.10/1367 - Release Date: 4/9/2008 7:10 AM This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of the Girl Scouts of Southwest Texas company. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
