Security and pos best Practices Peter Harris


Cash Register/POS Security Action



Download 2.14 Mb.
View original pdf
Page2/4
Date20.02.2023
Size2.14 Mb.
#60707
1   2   3   4
prod.tos873817
Cash Register/POS Security Action
4690/ACE Solution Capabilities
Install Payment Application Security Standard- compliant payment applications.
TGCS payment application are designed to the
PA-DSS standard and reviewed by an independent assessor. The PCI website has the current list of validated applications. You will find ACE V7R3, V7R4, and V7R5 in the list of validated payment applications.
https://www.pcisecuritystandards.org/
Deploy the latest version of an operating system and ensure it is up to-date with security patches, antivirus software, file integrity monitoring, and a host -based intrusion-detection system Toshiba monitors and incorporates latest Linux security patches in 4690 Enhanced Toshiba monitors 4690 Classic issues for security concerns
• See below for File Integrity Monitoring (FIM) response
Assign a strong password to security solutions to prevent application modification provides password hashing (SHA1) with an update in 0F10
Perform a binary or checksum comparison to ensure unauthorized files are not installed has a builtin Report Module facility that can be used as the first line of defense in terms of file integrity management.


4690 OS/ACE Security Best Practices
Cash Register/POS Security Action
4690/ACE Solution Capabilities
Ensure any automatic updates from third parties are validated does not perform automatic updates for third party software
Disable unnecessary ports and services, null sessions, default users and guests By default, ports and services are disabled, and have to be turned on by the administrator 4690 does not support null sessions Administrator responsibility to change default user/password
Enable logging of events and make sure there is a process to monitor logs on a daily basis has extensive logging capabilities and coupled with the RMA Data Capture software, logs can be automatically pulled back to a central location for further analysis
Implement least privileges and ACLs on users and applications on the system 4690 Enhanced applications do not have root privileges 4690 provides fine-grained access control to OS menu options Our applications provides additional per-user access control to actions
Implement hardware-based point-to-point encryption ACE V7R4 and higher provides support for
TransArmor Verifone Edition (TAVE)

Security / Compliance with Verifone and First Data End-to-End Encryption

Download 2.14 Mb.

Share with your friends:
1   2   3   4




The database is protected by copyright ©ininet.org 2024
send message

    Main page