Re: PCI/DSS compliant Managed IDS
- From: ebk_lists@xxxxxxxxxxx
- Date: 23 Aug 2007 17:07:28 -0000
I'd vote yes:
"Appendix says:
As referenced in Requirement 12.8, all service providers with access to cardholder data (including hosting
providers) must adhere to the PCI DSS.
12.8:
12.8 If cardholder data is shared with service providers, then contractually the following is required:
12.8.1 Service providers must adhere to the PCI DSS requirements
12.8.2 Agreement that includes an acknowledgement that the service provider is responsible for
the security of cardholder data the provider possesses."
If the monitoring of the IDS provide access to cardholder or transaction data, they must also be compliant.
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
- Follow-Ups:
- RE: PCI/DSS compliant Managed IDS
- From: Craig Wright
- RE: PCI/DSS compliant Managed IDS
- Prev by Date: IDS Policy Manager v2.1 Released
- Next by Date: RE: PCI/DSS compliant Managed IDS
- Previous by thread: RE: PCI/DSS compliant Managed IDS
- Next by thread: RE: PCI/DSS compliant Managed IDS
- Index(es):
