Educause Security Discussion mailing list archives

Re: PCI DSS compliance challenges

From: Gary Flynn <flynngn () JMU EDU>
Date: Wed, 10 Jun 2009 12:08:13 -0400

Basgen, Brian wrote:

Hi Everyone,

 Our Finance department has been considering a new model of handling credit cards on our campuses that would involve 
cashiering stations that track credit card data through a desktop PC and send it over the internet.

 The interesting challenge for this model is complying with the PCI DSS. Our perception is that these kinds of 
deployments are becoming fairly common in higher-ed, so it would be interesting to hear the experiences of some other 
institutions with DSS. Are you segregating card holder data networks? What IT cost was incurred to setup a compliant 
environment for deployments your institution has done?

 I welcome any responses on or off list. Thanks! :)



I don't have an immediate answer for you but wanted to say
a group of us met just this morning to discuss this very
issue.

--
Gary Flynn
Security Engineer
James Madison University
www.jmu.edu/computing/security

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Current thread:

PCI DSS compliance challenges Basgen, Brian (Jun 10)
- <Possible follow-ups>
- Re: PCI DSS compliance challenges Gary Flynn (Jun 10)
- Re: PCI DSS compliance challenges Scott Weyandt (Jun 10)
- Re: PCI DSS compliance challenges Gary Flynn (Jun 10)
- Re: PCI DSS compliance challenges Brad Judy (Jun 10)
- Re: PCI DSS compliance challenges Greene, Chip (Jun 10)
- Re: PCI DSS compliance challenges Ellen Smout (Jun 10)
- Re: PCI DSS compliance challenges Basgen, Brian (Jun 10)
- Re: PCI DSS compliance challenges Gary Flynn (Jun 10)
- Re: PCI DSS compliance challenges Gary Flynn (Jun 10)
- Re: PCI DSS compliance challenges John Ladwig (Jun 10)
- Re: PCI DSS compliance challenges Ellen Smout (Jun 10)

(Thread continues...)