Educause Security Discussion mailing list archives

Re: Trustwave Anyone?

From: Paul Keser <pkeser () STANFORD EDU>
Date: Mon, 27 Apr 2009 15:22:19 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We have had good luck with Trustwave.  Toby at Trustwave has been very
patient with our multiple conference calls for advice as we develop our
 Virtualization (storage and OS) policies for restricted data.

We are using PCI-DSS as our default standard for handling any restricted
or prohibited data, not just credit card data.  We have worked closely
with Trustwave as we moved down this path.

http://www.stanford.edu/group/security/securecomputing/dataclass_chart.html
http://www.stanford.edu/group/security/securecomputing/iso-guidelines.html

I hope this helps.


- -PaulK

Paul Keser
Assoc. Information Security Officer
Stanford University
650.724.9051
GPG Fingerprint:  DBA3 E20F CE91 28AA DA1C  4A77 3BD9 C82D 2699 24FB


Bob Henry wrote:

Has anyone contracted with Trustwave for PCI-DSS compliance validation
services?  Either on-list or off-list, please let me know how that
worked out for you.

Thank you,

Bob

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkn2MBoACgkQO9nILSaZJPvhjACgnm6WBEsj53WfJU9hAFEnpHey
07QAn2PukWQ6n7cTnTHWRVToUJDkpwk3
=Kwda
-----END PGP SIGNATURE-----

Current thread:

Trustwave Anyone? Bob Henry (Apr 24)
- <Possible follow-ups>
- Re: Trustwave Anyone? Roger Safian (Apr 27)
- Re: Trustwave Anyone? Paul Keser (Apr 27)