cbs pci webinar - april
DESCRIPTION
CBS in association with Tekmark present "Think Your PCI Compliant, Odds are You're Not"TRANSCRIPT
Your HostsYour Hosts
Gary Stotko
•CBS Vice President of Sales and Marketing•Technology Service Provider for the Hospitality Industry
Patrick Purcell •Tekmark Director of Business Development•Managed Security Service Provider
• One of the nations largest hospitality technology providers.
• Our customers are large, multi-unit chains to single-unit operators.
• We understand the needs of the small operator while being able to satisfy the demands of a large chain.
3 3 Points to RememberPoints to Remember
3 3 Points to RememberPoints to Remember
THIS COULD PUT YOU OUT OF BUSINESS!!THIS COULD PUT YOU OUT OF BUSINESS!!
3 3 Points to RememberPoints to Remember
Are you willing to take this risk?Are you willing to take this risk?
Before we start…
Foundation for your PCI StrategyFoundation for your PCI Strategy
PCI Data Security Standard
Operating System
POS Software
Hardware
• What Is Compliant– Windows 7 on Server– Windows XP SP3– Windows POSReady 2009 on Terminals
• What Is Not Compliant– Windows 2000, 98, 95, XP SP 1 + 2– Windows XP Embedded SP 1 & 2
• What is the Risk of an old Operating System?
Operating System
• What is Compliant– Current Windows OS on Server and Terminals– PCI-compliant version of POS• POSitouch 5.32-4 for existing deployments
– All Other System Software• Midnight Express v 4.0• Transaction Plus v 7.09
• What is Not Compliant– POSitouch: 5.31 and earlier
POS Software
• All Terminals and Workstations• Back-office Server• Firewall• Older Terminals: – IBM 53C, 521, 531, 532, J2 520, J2
560, Posiflex 5800 Series
Hardware
Your Old Hardware May Not Work With Your Updated OS and POS!
PCI Data Security Standard
• Data Security Standard (DSS)• Firewall• PCI Scanning by Approved Scanning Vendor (ASV)• Self-Assessment Questionnaire (SAQ)
DSS:DSS:12 Key Security Requirements12 Key Security Requirements
• PCI Security Starts Here– Requirement #1 of PCI DSS
• Stops Intruders, Viruses, and Malware• Enables Secure Remote Access– No more PC Anywhere!
• Manage it actively or it’s Useless
More than 3 years old? Chances are it’s End Of Life and NOT COMPLIANT!
FirewallFirewall
• Must be performed Quarterly• Must be done by ASV• Scanning Report leads to Remediation
Who Will Help Fix The Problems Found By Scanning?
PCI Scanning by ASVPCI Scanning by ASV
Self-Assessment QuestionnaireSelf-Assessment Questionnaire
• Annual Submission to Brands and Banks
• Must be signed by Store Operator
Over 200 questions and
49 pages long!
What to Do NextWhat to Do Next
Where Can You get Help?Where Can You get Help?
Watch for our Watch for our next webinar in next webinar in
June!June!
PCI Security ResourcesPCI Security Resourceswww.pcisecuritystandards.org/smbwww.pcisecuritystandards.org/smb
FREE OFFER!FREE OFFER!
• Tekmark is an Approved Scanning Vendor!
• PCI Scan to the first 5 attendees to contact us *subject to conditions
• Simply call or email Tekmark for your initial consultation and reserve your FREE PCI Scan
Custom Business SolutionsGary Stotko
Vice President Sales949-380-POSI (7674)
Tekmark Global SolutionsPatrick Purcell
Director, Business Development732-383-1322
Thank You for Joining!