Educause Security Discussion mailing list archives
Re: Budget for PCI DSS SAQ D for Bookstore Operations
From: "Bazeley, Joseph E." <bazeleje () MUOHIO EDU>
Date: Tue, 2 Aug 2011 14:01:39 -0400
Can you get them to use PCI DSS SAQ C instead? SAQ D means that they're storing credit card numbers, which will make their PCI compliance effort require more resources and increases the likelihood of a breach leading to exposed credit card numbers and the associated notification. If they don't have an extremely good reason to store those credit card numbers (and it needs to provide an associated benefit that outweighs the cost from doing so), they should quit storing them. Regards, Joe Joe Bazeley Information Security Officer Miami University Hoyt Hall 314 513-529-9252 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () listserv educause edu] On Behalf Of Self, Dennis Sent: Tuesday, August 02, 2011 1:56 PM To: SECURITY () listserv educause edu Subject: [SECURITY] Budget for PCI DSS SAQ D for Bookstore Operations Security Friends, Have you developed a budget for PCI DSS SAQ D compliance for your bookstore operation in the recent past? For my institution, the bookstore may be the only operation that cannot be reasonably remediated to qualify for SAQ A or B. If you are willing to share your budget, please respond offline. Also please let me know if I may identify you and your institution to our administration. Lastly, if you reverted back in technology to dial terminals as a solution, please let me know. Kind regards, Dennis Self Director, IT Security & Compliance Technology Services Samford University (205) 726-2692
Current thread:
- Budget for PCI DSS SAQ D for Bookstore Operations Self, Dennis (Aug 02)
- Re: Budget for PCI DSS SAQ D for Bookstore Operations Bazeley, Joseph E. (Aug 02)
- Re: Budget for PCI DSS SAQ D for Bookstore Operations Joel Rosenblatt (Aug 02)
- Re: Budget for PCI DSS SAQ D for Bookstore Operations Bazeley, Joseph E. (Aug 02)
- Re: Budget for PCI DSS SAQ D for Bookstore Operations John Ladwig (Aug 02)
- Re: Budget for PCI DSS SAQ D for Bookstore Operations Eric C. Lukens (Aug 02)
- Re: Budget for PCI DSS SAQ D for Bookstore Operations Joel Rosenblatt (Aug 02)
- Re: Budget for PCI DSS SAQ D for Bookstore Operations Nick Lewis (Aug 02)
- Re: Budget for PCI DSS SAQ D for Bookstore Operations Joel Rosenblatt (Aug 02)
- Re: Budget for PCI DSS SAQ D for Bookstore Operations Bazeley, Joseph E. (Aug 02)
- <Possible follow-ups>
- Re: Budget for PCI DSS SAQ D for Bookstore Operations John Ladwig (Aug 02)
- Re: Budget for PCI DSS SAQ D for Bookstore Operations Henninger, Craig (Aug 03)
- Re: Budget for PCI DSS SAQ D for Bookstore Operations Self, Dennis (Aug 03)
- Re: Budget for PCI DSS SAQ D for Bookstore Operations Joel Rosenblatt (Aug 03)
- Re: Budget for PCI DSS SAQ D for Bookstore Operations Henninger, Craig (Aug 03)