Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: PCI Compliance Policies

From: "Penn, Blake" <pennb () UWW EDU>
Date: Thu, 19 Jul 2007 12:55:11 -0500
30 June 2005 was the *compliance* deadline (back with the "old" 1.0
requirements).  1.1 requirements are in effect now.  September is when VISA
is mandating *validation* (as opposed to compliance) for level 2 merchants.
MasterCard is not requiring validation for level 2 merchants until the end
of 2008, though.  Every merchant level is currently required to comply with
all the requirements, however.

___________________________________________
Blake Penn, CISSP                            
Information Security Officer         
University of Wisconsin-Whitewater
(p) 262-472-7792 (f) 262-472-1285
pennb () uww edu | http://www.uww.edu/security 

-----Original Message-----
From: Roger Safian [mailto:r-safian () NORTHWESTERN EDU] 
Sent: Thursday, July 19, 2007 12:20 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] PCI Compliance Policies

At 12:14 PM 7/19/2007, Theresa M Rowe put fingers to keyboard and wrote:

Is ANYONE going to be compliant by the September deadline??  Did you use a 
consultant to get there?


What is the September deadline?  I thought compliance was supposed to start
on 1/1/06?  

FWIW, we're still working on compliance...it's pretty time consuming.


-- 
Roger A. Safian 
r-safian () northwestern edu (email) public key available on many key servers.
(847) 491-4058   (voice)
(847) 467-6500   (Fax) "You're never too old to have a great childhood!"

Attachment: smime.p7s
Description:

Previous By Date Next
Previous By Thread Next

Current thread: