Educause Security Discussion mailing list archives
Re: PCI 3.0 compliance
From: Chris Green <CGreen () UTTYLER EDU>
Date: Mon, 9 Feb 2015 18:02:33 +0000
Has anyone looked into or implemented a PCI compliant cloud infrastructure as a solution? I have a call tomorrow with someone from FireHost to get more information on their service. Given the extreme cost and man hours it will take to get us up from SAQ B to SAQ C, I’m hoping they can provide a much more cost effective solution that will be infinitely easier for us to implement. Thanks, -C. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ben Marsden Sent: Friday, February 06, 2015 1:54 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] PCI 3.0 compliance Alex, We're (slowly) starting a project as well, so I'd welcome any insights you might glean from your query. We're (only) a level 3 merchant institutionally, picking the right SAQ(s) is befuddling... Under v.2.x we'd point everyone at TouchNet and kind of ostriched any business process details. I got buy-in from the Controller's office to use v.3 as a reason to take a better look at some of our on-campus merchants, at least to get and keep them aware of risks and best practices. (The Controller's office are the "we" in this project -- small school tribulations.) -- Ben On Thu, Feb 5, 2015 at 3:01 PM, Alex Jalso <ACJalso () mail wvu edu<mailto:ACJalso () mail wvu edu>> wrote: Hello Everyone, Has anyone started or completed a project regarding PCI 3.0 compliance? If so, would you be willing to answer a few questions and / or have a conversation about it? Thanks. Alex Alex Jalso, PMP, CISM Director Information Security Services West Virginia University p: 304-293-4457<tel:304-293-4457> -- ============================================ Ben Marsden : Information Security Director, CISSP/GISP ITS, Stoddard Hall, Smith College, Northampton, MA 01063 bmarsden [at] smith [.] edu 413 [.] 585 [.] 4479 --------------------------------------------------------------------- =--> Any request to reveal your Smith password via email is fraudulent!
Current thread:
- PCI 3.0 compliance Alex Jalso (Feb 05)
- Re: PCI 3.0 compliance David James Anderson (Feb 05)
- Re: PCI 3.0 compliance David James Anderson (Feb 05)
- Re: PCI 3.0 compliance Shamblin, Quinn (Feb 06)
- Re: PCI 3.0 compliance Chris Green (Feb 06)
- Re: PCI 3.0 compliance Kevin Reedy (Feb 25)
- Re: PCI 3.0 compliance Ben Parker (Feb 25)
- Re: PCI 3.0 compliance Kevin Halgren (Feb 25)
- Re: PCI 3.0 compliance Kevin Reedy (Feb 25)
- Re: PCI 3.0 compliance Chris Green (Feb 06)
- Re: PCI 3.0 compliance David James Anderson (Feb 05)
- Re: PCI 3.0 compliance Chris Green (Feb 09)