Educause Security Discussion mailing list archives
Re: PCI compliance
From: "Hatala, Jeffrey" <hatala_j () SUNYBROOME EDU>
Date: Wed, 26 Mar 2008 09:40:01 -0400
Hello Lee, Depending on how you are capturing your CC#s you may see different parts eliminated from the compliancy list. We use http://www.securitymetrics.com/ The fee is $699.00, however since we are an M&T Bank customer and they have a fee break with Security Metrics, our costs is $139.00 per year. This gives us 4 automatic scan audits on our web server, (one way we capture). We can also log in to their website and run scans any time. There is the PCI self questionnaire on their website that needs to be filled out. These are the questions you need to ask your Department and IT staff. All the info resides on Security Metrics and THEY now act as our liaison to the PCI group that our college reports to. Hope this helps. Make it a great day! Jeff Hatala CISSP - "want to be" ________________________________ From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Lee Weers Sent: Wednesday, March 26, 2008 9:01 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] PCI compliance We discovered a department on campus that is still processing credit cards, and I am looking for a contact who would be willing to discuss the steps we need to perform to become PCI compliant. I am looking the questions we need to ask from the department, and then the initial basic steps we need to perform now, until we get all of the documentation found and filled out. Thank you, Lee Weers Assistant Director for Network Services Central College IT Services (641) 628-7675
Current thread:
- PCI compliance Lee Weers (Mar 26)
- <Possible follow-ups>
- Re: PCI compliance Ken Connelly (Mar 26)
- Re: PCI compliance Hatala, Jeffrey (Mar 26)
- Re: PCI compliance Sarah Stevens (Mar 26)