Educause Security Discussion mailing list archives
Re: PCI compliance on a university network
From: "Flynn, Gerald" <flynngn () JMU EDU>
Date: Tue, 22 Dec 2009 09:14:02 -0500
-----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Gary Dobbins Sent: Tuesday, December 22, 2009 4:10 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] PCI compliance on a university network We found that the scope of requirements for compliance was so large, and ended up including so much infrastructure, as to be untenable in a typical university LAN. For that reason we went with a wholly-isolated environment in order to keep the scope localized to a set of systems and network gear that we could "get our hands around" in terms of compliance. We use a VPN concentrator and inexpensive SOHO devices with nailed-up VPN tunnels for the POS stations, so the payment card network ends up being virtual, and again can be seen as wholly- contained in the special environment.
Are the POS stations desktops? How many did you end up with? Did you give the people two desktops?
Current thread:
- PCI compliance on a university network Greg Francis (Dec 21)
- <Possible follow-ups>
- Re: PCI compliance on a university network Gary Dobbins (Dec 22)
- Re: PCI compliance on a university network James R. Pardonek (Dec 22)
- Re: PCI compliance on a university network Michael Johnson (Dec 22)
- Re: PCI compliance on a university network Flynn, Gerald (Dec 22)
- Re: PCI compliance on a university network Flynn, Gerald (Dec 22)
- Re: PCI compliance on a university network John Ladwig (Dec 22)
- Re: PCI compliance on a university network Daniel Adinolfi (Dec 22)
- Re: PCI compliance on a university network Paul Kendall (Dec 22)
- Re: PCI compliance on a university network HALL, NATHANIEL D. (Dec 22)
- Re: PCI compliance on a university network Flynn, Gerald (Dec 22)
- Re: PCI compliance on a university network Joel Rosenblatt (Dec 22)
- Re: PCI compliance on a university network Allison Dolan (Dec 22)
- Re: PCI compliance on a university network Flynn, Gerald (Dec 22)
- Re: PCI compliance on a university network John Ladwig (Dec 22)
- Re: PCI compliance on a university network Crary, Greg (Dec 22)
(Thread continues...)