Security and pos best Practices Peter Harris



Download 2.14 Mb.
View original pdf
Page3/4
Date20.02.2023
Size2.14 Mb.
#60707
1   2   3   4
prod.tos873817
Verishield Protect
– Encrypts data at swipe of card Tokenization - Transarmor (list of TAVE)
– Protects card data and prevents it from entering the merchant environment POS never holds actual card numbers from the transactions Removing payment card data from POS removes it from PCI scope Can reduce the scope of annual PCI audits by as much as 80%
• Can reduce the time PCI compliance requires by as much as 50%
ACE supports First Data

s
tokenization function for
credit, debit, and EBT
Food/Cash tenders

Best
Practices
Latest software (install security patches)
Limit/avoid shared passwords
Define network zones
Use multi-factor authentication
Define, set & adhere to permissions/access
Use the functions provided
Find the right partners
BE VIGILANT!


4690 OS SECURITY CASE STUDY

A 4690 OS customer hired a white hat hacking company to perform a penetration test of their live system. They agreed to allow us to present the results, given that no identifying information be included.
4690 OS Security Case Study


1.Issue Title Insecure Protocols
Severity: Severe
Description: telnet ftp enabled
Vendor/TGCS recommendations Enable SSH
2.Issue Title Sensitive Information in Memory Dumps
Severity: High
Description: Card data in memory dumps
Vendor/TGCS recommendations
Enable Data Security (V6R4)
4690 OS Penetration Test Results


3.Issue Title Insufficient Server Hardening

Download 2.14 Mb.

Share with your friends:
1   2   3   4




The database is protected by copyright ©ininet.org 2024
send message

    Main page