Educause Security Discussion mailing list archives
Re: RuffaloCODY Fundraising Management question
From: Walter Petruska <wpetruska () USFCA EDU>
Date: Fri, 21 Jun 2013 16:45:54 -0400
Thanks, Jon. I've received many replies which lead me to believe that we've had near-universal experiences leaving us wishing for a better standard services agreement from RuffaloCODY. We're on negotiated version 3, which (surprise surprise) finally nails down language over who is responsible for what- and what the delineation is between PCI scopes between RC and USF. As a way of asking what you ended up with- do you have a picture/drawing or verbal description over what components, systems and people are in PCI scope to which party? On Thu, Jun 20, 2013 at 1:39 PM, Allen, Jon D. <Jon_Allen () baylor edu> wrote:
We went through a long process on this one. I am happy to talk. Thanks, _________________________________ Jon Allen, CISSP, EnCE Assistant Vice President & Chief Information Security Officer 254.710.4793<tel:254.710.4793> [Description: Description: bearawarefinal] www.baylor.edu/bearaware<http://www.baylor.edu/bearaware> On Jun 20, 2013, at 11:20 AM, "Coffman, Tobiah" <tcoffman () BSU EDU<mailto: tcoffman () BSU EDU>> wrote: Walter, We have RuffaloCODY on our campus. I have somewhat limited knowledge of the setup, but I can answer what I know and try to get answers for anything else. -Tobey Coffman, CISSP Director of Information Security Ball State University From: The EDUCAUSE Security Constituent Group Listserv [mailto: SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Walter Petruska Sent: Wednesday, June 19, 2013 3:07 PM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] RuffaloCODY Fundraising Management question Could any of you who have RuffaloCODY as a service provider, operating ON your campus (and therefore within your facilities/on your network, etc.) please contact me directly (off-list) for a brief discussion. The topic is past performance, and specifically, PCI-compliance and where to draw the contract and technology and organizational lines to maintain compliance of each party (RuffaloCODY & your institution) Thanks much- -- Walter Petruska CISSP, CISA, CGEIT Information Security Officer infosec.usfca.edu<http://infosec.usfca.edu> [http://www.usfca.edu/images/usflogo_tag_180.png] University of San Francisco Lone Mountain North - 2nd Floor 2130 Fulton Street San Francisco, CA 94117 ITS Help Desk, Phone: 415-422-6668
-- *Walter Petruska CISSP, CISA, CGEIT* *Information Security Officer* infosec.usfca.edu *University of San Francisco* Lone Mountain North - 2nd Floor 2130 Fulton Street San Francisco, CA 94117 *ITS Help Desk*, Phone: 415-422-6668
Current thread:
- RuffaloCODY Fundraising Management question Walter Petruska (Jun 19)
- Re: RuffaloCODY Fundraising Management question Coffman, Tobiah (Jun 20)
- Re: RuffaloCODY Fundraising Management question Walter Petruska (Jun 20)
- Re: RuffaloCODY Fundraising Management question Allen, Jon D. (Jun 20)
- Re: RuffaloCODY Fundraising Management question Walter Petruska (Jun 21)
- Re: RuffaloCODY Fundraising Management question Coffman, Tobiah (Jun 20)