Educause Security Discussion mailing list archives
Re: PCI and common access computers
From: Chris Green <cmgreen () UAB EDU>
Date: Thu, 25 Mar 2010 08:54:35 -0500
I would split the hairs at "is this a required part of the payment process for something that you are in scope for". If you make people come into a lab and then submit payment for some service from those terminals to a payment application, I'd argue they are in scope. If people happen to use a common lab resource to conduct personal transactions with your payment applications, then I don't think they are in scope. -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Flynn, Gary Sent: Thursday, March 25, 2010 8:46 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] PCI and common access computers It has been suggested that these types of computers that people could use to perform credit card transactions may be in-scope for PCI compliance requirements. Anyone heard anything like that? I don't see how it could ever work as you couldn't restrict the access to the credit card requesting sites because they could be anywhere. And you really couldn't reliably prevent people from typing them either.
Current thread:
- PCI and common access computers Flynn, Gary (Mar 25)
- <Possible follow-ups>
- Re: PCI and common access computers Chris Green (Mar 25)
- Re: PCI and common access computers Zach Jansen (Mar 25)
- Re: PCI and common access computers Patrick Laughran (Mar 25)
- Re: PCI and common access computers Ewing, Ashley (Mar 25)
- Re: PCI and common access computers Eric C. Lukens (Mar 25)
- Re: PCI and common access computers Eric C. Lukens (Mar 25)
- Re: PCI and common access computers Patricia Vendt (Mar 25)
- Re: PCI and common access computers Patricia Vendt (Mar 25)
- Re: PCI and common access computers Blake Penn (Mar 25)
- Re: PCI and common access computers Basgen, Brian (Mar 25)
- Re: PCI and common access computers Flynn, Gary (Mar 25)
(Thread continues...)