Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: PCI compliance on a university network

From: John Ladwig <John.Ladwig () CSU MNSCU EDU>
Date: Tue, 22 Dec 2009 10:00:13 -0600
Word.


"Flynn, Gerald" <flynngn () JMU EDU> 2009-12-22 09:53 >>>

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Allison Dolan
Sent: Tuesday, December 22, 2009 10:48 AM
To: SECURITY () LISTSERV EDUCAUSE EDU 
Subject: Re: [SECURITY] PCI compliance on a university network

On Dec 22, 2009, at 10:27 AM, Flynn, Gerald wrote:


      And our QSV said both VLANS and VMs were OK.

      Sigh.




And to top it off, regardless of who says what, or what  you do or
don't  have in place, if you have a breach, you must not have been
compliant!


Yeah. We've heard that too.

I guess the security of a system that allows one to extract money
knowing only a 16 or 20 digit number is beyond review. :)
Previous By Date Next
Previous By Thread Next

Current thread: