Control-M and Payment Card Industry Data Security Standard (PCI DSS)

Size: px
Start display at page:

Download "Control-M and Payment Card Industry Data Security Standard (PCI DSS)"

Transcription

1 Control-M and Payment Card Industry Data Security Standard (PCI DSS) White paper PAGE 1 OF 16 Copyright BMC Software, Inc. 2016

2 Contents Introduction...3 The Need...3 PCI DSS Related to Control-M...4 Control-M PCI DSS Compliance...5 Requirement 1: Install and Maintain a Firewall Configuration to Protect Cardholder Data... 5 Requirement 2: Do Not Use Vendor-Supplied Defaults for System Passwords and Other Security Parameters... 5 Requirement 3: Protect Stored Cardholder Data... 6 Requirement 4: Encrypt Transmission of Cardholder Data Across Open, Public Networks... 9 Requirement 7: Restrict Access to Cardholder Data by Business Need to Know Requirement 8: Assign a Unique ID to Each Person with Computer Access Requirement 10: Track and Monitor All Access to Network Resources and Cardholder Data Requirement 11: Regularly Test Security Systems and Processes Summary Where to get the latest product information PAGE 2 OF 16 Copyright BMC Software, Inc. 2016

3 Introduction The Payment Card Industry Data Security Standard Requirements and Security Assessment Procedures, Version 2.0 dated October 2010 describes PCI DSS as follows: The Payment Card Industry (PCI) Data Security Standard (DSS) was developed to encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally. PCI DSS provides a baseline of technical and operational requirements designed to protect cardholder data. PCI DSS applies to all entities involved in payment card processing including merchants, processors, acquirers, issuers, and service providers, as well as all other entities that store, process or transmit cardholder data. PCI DSS comprises a minimum set of requirements for protecting cardholder data, and may be enhanced by additional controls and practices to further mitigate risks. It goes on to say: The PCI DSS security requirements apply to all system components. In the context of PCI DSS, system components are defined as any network component, server, or application that is included in or connected to the cardholder data environment. Applications include all purchased and custom applications, including internal and external (for example, Internet) applications. The Need For organizations that use Control-M as their Workload Automation solution today or for prospective companies that are considering modernizing their IT infrastructure and migrating to Control-M as part of that process, the very broad and general statement about applications raises a question about the need for PCI DSS compliance. In its role of managing production workload, Control-M runs programs, scripts and applications that may process payment and personal data. Since Control-M has to be given the authority to use powerful credentials to run these payment applications, it is reasonable to scrutinize its security setup and administration. For example, a payment application executes as a superuser (or some similar powerful account) to manipulate card stripe data. When Control-M submits the batch jobs for this application that superuser User ID must be coded as the Run As value in the job definition. In order to comply with PCI DSS, it is necessary to ensure that the ability to run jobs with the superuser credentials is both controlled, as well as audited. If such controls are missing, it is possible that either maliciously or accidentally jobs can be run, which access and expose payment data. PAGE 3 OF 16 Copyright BMC Software, Inc. 2016

4 PCI DSS Related to Control-M The PCI DSS requirements are divided into the categories listed in the table below. The remainder of this document describes how Control-M addresses each of the requirements that apply to a Workload Automation solution. Category Requirement Relevant Build and Maintain a Secure Network Requirement 1: Install and maintain a firewall configuration to protect cardholder data Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters Yes Yes Protect Cardholder Data Requirement 3: Protect stored cardholder data Yes Maintain a Vulnerability Management Program Implement Strong Access Control Measures Regularly Monitor Test Networks Maintain an Information Security Policy Requirement 4: Encrypt transmission of cardholder data across open, public networks Requirement 5: Use and regularly update anti-virus software or programs Requirement 6: Develop and maintain secure systems and applications Requirement 7: Restrict access to cardholder data by business need to know Requirement 8: Assign a unique ID to each person with computer access Requirement 9: Restrict physical access to cardholder data Requirement 10: Track and monitor all access to network resources and cardholder data Requirement 11: Regularly test security systems and processes Requirement 12: Maintain a policy that addresses information for all personnel Yes No No Yes Yes No Yes Yes No PAGE 4 OF 16 Copyright BMC Software, Inc. 2016

5 Control-M PCI DSS Compliance Requirement 1: Install and Maintain a Firewall Configuration to Protect Cardholder Data Control-M architecture is extremely flexible and can be configured to accommodate large organizations with complex network topologies as well as service providers with multi-tenancy requirements. Many Control-M components communicate using TCP ports. All of these port values are configurable to ensure that Control-M can be adapted into any network and firewall topology. During installation, port values can be selected and specified. Subsequently, port specifications can be modified as required using the graphical Control- M/Configuration Manager administration console. Inter-process communication among components of the Enterprise Manager uses CORBA. Options are provided to use bi-directional communication over pre-defined ports to ensure that static firewall configuration requirements can be observed without needing to open unnecessary ports. Additional capabilities such as support for SSL and Passive mode FTP are described in later sections but also relate to the flexibility offered by Control-M to help simplify firewall configurations. Requirement 2: Do Not Use Vendor-Supplied Defaults for System Passwords and Other Security Parameters Control-M fully complies with this requirement. PAGE 5 OF 16 Copyright BMC Software, Inc. 2016

6 Passwords No pre-defined or default passwords are used and during installation, the user is prompted to supply passwords for the Database Owner, which is the product administrator and the Database Administrator if the embedded database server is used. This approach ensures that a new password, known only to the installer, is used. After installation, utilities such as ctmpasswd and emcryptocli are provided to enable changes to administrator IDs on a regular basis. Ports As with passwords, port information is collected during installation and can be modified at any time. Even well-known protocols such as ftp or sftp (SSH File Transfer) can be configured to use ports other than the well known ports. This configuration can be done on a connection by connection basis. If the end points of a transfer are internal to he secured environment, the standard well known ports can be used. When connecting outside the secured environment, different ports, in any combination, can be chosen if desired. Secure Sockets Layer (SSL) The major tiers in the Control-M architecture are Control-M/Enterprise Manager, End-user client tools, Control-M/Server, Control-M/Agent and Agentless hosts. All communication among these components can use SSL. As discussed with Ports above, there may be components that reside in secure network segments and SSL may be unnecessary while others reside in exposed environments. Product administrators can choose where SSL is used. Requirement 3: Protect Stored Cardholder Data BMC Control-M fully complies with this requirement. PAGE 6 OF 16 Copyright BMC Software, Inc. 2016

7 Although Control-M does not access application data as part of its own functions and capabilities, jobs run and managed by Control-M certainly can access and manipulate this data. The access controls that ensure only authorized users access this sensitive data, rely on each entry point into the system to properly authenticate users. BMC Control-M provides extensive authentication and authorization mechanisms that enable organizations to very tightly control access to powerful IDs. Granular permissions allow authorization to be granted to very specific functions thus ensuring that sensitive access is granted only when need to perform actions mandatory for the business. Authentication User IDs can be defined internally within Control-M or externally in an LDAP Directory (including Active Directory). When managed internally, a complete range of options to maintain strong passwords is available including: Password history prevents reuse of the same passwords over and over Minimum and maximum password lengths strike a balance between complexity and memorization Password construction rules eliminate common words Mandatory password change frequency that forces users to change passwords on a regular basis Maximum Password Attempts locks accounts in the event of an intrusion attempt PAGE 7 OF 16 Copyright BMC Software, Inc. 2016

8 Active Directory or an LDAP directory can be used for external authentication. This promotes common passwords, enables centralized user administration and leverages enterprise-wide password management for the workload automation environment. It is also possible to largely eliminate user management within Control-M by using external authentication as discussed in the following section. Authorization Control-M authorizations allow full control over all product functions. Most significant from a PCI perspective, Control-M authorizations control the UserID (Run As) that can be specified for a job. Let s assume there is one specific table in a specific database where payment information is stored. The only UserID that is authorized to perform this function is PCDataOwner and the few applications that manipulate this data must run as this specific user (Run As=PCDataOwner in a Control-M job definition). Control-M authorizations can specify that the only users that can build or modify a job and run it with Run As Users of PCDataUser are members of group PCDataAdmins. In addition, Control-M authorization defines which jobs a user can see in Active Jobs and which actions can be taken against those jobs, which job definitions a user can create or modify, which predecessor/successor relationships can be manipulated, which abstract resources can be defined or modified and even which configuration options can be changed. It is also possible to use the Authorizations mechanism to achieve external user management so that users do not have to be defined in Control-M at all. This is particularly attractive if a company has a large or dynamic organization with a significant amount of staff changes. Once roles are defined via the authorizations described above, each group role can be mapped to one or more LDAP or Active Directory groups. Any Active Directory or LDAP user who is a member of any of the groups that are mapped to a Control-M role is then able to log in to Control-M and automatically inherit the authorizations specified for that group. PAGE 8 OF 16 Copyright BMC Software, Inc. 2016

9 Requirement 4: Encrypt Transmission of Cardholder Data across Open, Public Networks Control-M fully complies with this requirement. Control-M for Advanced File Transfer provides support for encrypted data transfer by using conventional ftp coupled with PGP, ftp over SSL or via sftp. Regardless which protocols are used, Control-M also provides secure management of credentials used for data movement and eliminating the need for scripting. These capabilities not only further enhance the security of data movement but also significantly reduce the cost and effort of managing data transfer. The figure below shows a portion of the definition of a Connection Profile used by Control-M for Advanced File Transfer. Both end points of the transfer are specified and each one can be an ftp or sftp end point. For sftp, options such as SSH keys and encryption algorithms can be selected. PAGE 9 OF 16 Copyright BMC Software, Inc. 2016

10 Even if conventional ftp is used, SSL/TLS can be added to increase the level of security. Additionally, FTP Passive mode is available to simplify firewall configuration as seen in the figure below. Requirement 7: Restrict Access to Cardholder Data by Business Need to Know BMC Control-M fully complies with this requirement. As described above in section Requirement 3: Protect Stored Cardholder Data (on page 6) Control- M provides extensive authorization facilities that enable organizations to tightly control access to the credentials required to access cardholder data. Requirement 8: Assign a Unique ID to Each Person with Computer Access BMC Control-M fully complies with this requirement. Control-M implements a standard user/group security model. Either users, groups or both entities can be granted various permissions or authorizations although the recommended approach is to grant authority only to groups and have users inherit the required permissions through group membership. Control-M supports both internal and external user definitions. Specifically through the support of external user definitions stored in Active or any LDAP Directory, it is expected that each person uses his or her own identity. When using external security, it becomes very unlikely users will share credentials since they use the same credentials to log in to their workstations and to perform all other business functions as well as log in to Control-M. PAGE 10 OF 16 Copyright BMC Software, Inc. 2016

11 Requirement 10: Track and Monitor All Access to Network Resources and Cardholder Data BMC Control-M fully complies with this requirement. Control-M provides 11 categories of event auditing which can be enabled individually or collectively. Each category contains approximately 10 event types for a total of about 110 audit event types that are recorded. In addition to capturing what was changed, when and by who, User Annotation can also be enabled to prompt users for explanations so that the why can be recorded as well. Version Management captures and tracks all changes made to job definitions. The number of previous versions maintained, is configurable by each organization. When changes are made, such as perhaps may occur when an application revision is performed; quick, single-click, scenario-based recovery is available if such a change must be backed out. The following figure shows the History of the job. PAGE 11 OF 16 Copyright BMC Software, Inc. 2016

12 The following figure compares the changes to the job. In addition to the audit facilities, Control-M also contains extensive logging and data collection that can be used for tracking activities as well as for problem determination and analysis purposes. For example, the Control-M Log maintains information about all job status events in the Active Environment. Archive Viewpoints collect enterprise-wide job execution history and process logs maintain runtime information about each process and component that is part of the operational Control-M deployment. Requirement 11: Regularly Test Security Systems and Processes BMC Control-M fully complies with this requirement. Auditing is the most common method for testing the controls that have been put in place. BMC Control-M provides extensive facilities for capturing and recording auditing information as described above and makes all audit information available via the Control-M Reporting Facility. The Reporting Facility can be used to design custom reports that can focus on information required for a specific audit, or general reports that can be produced for reference purposes. Once a report is designed, it can be invoked interactively or run as a Control-M job. PAGE 12 OF 16 Copyright BMC Software, Inc. 2016

13 Report output can be produced in a variety of formats including PDF, MS-Excel or HTML. Reports can be ed or published in a SharePoint or similar facility to make them available to anyone who may need such data but is not a Control-M user. The process of designing or modifying a report template is managed by a simple and intuitive wizard. PAGE 13 OF 16 Copyright BMC Software, Inc. 2016

14 Summary Workload Automation is a foundation management discipline that is an essential component of almost every IT infrastructure. In most environments supporting payment applications or the processing of card and payment data, batch workload services are an integral part of the environment and thus are directly involved in PCI DSS compliance. BMC Control-M delivers an enterprise workload automation solution that is fully compliant with the PCI DSS standard. BMC Control-M users can confidently manage their PCI workload together with all their other enterprise batch applications without having to implement separate tools or segregated, isolated environments. This approach enables customers to realize the full benefits of BMC Control-M enterprise workload automation for their entire IT environment with features such as: A single focal point of control that delivers an end-to-end view of all workload Support for all platforms and applications that make up the IT landscape Fully integrated Service Management for batch workload Predictive forecasting and change impact analysis Policy-based dynamic workload management Automated incident management Full exploitation of dynamic resource management via virtualization and cloud technologies A Batch Workload Service Catalog for business users via Control-M Self Service. PAGE 14 OF 16 Copyright BMC Software, Inc. 2016

15 Where to get the latest product information To view the latest BMC Software documents, visit the BMC Customer Support page at BMC Software distributes printed copies of flashes, technical bulletins, and release notes with most product shipments, as indicated on your shipping list. In addition, all notices are available on the Customer Support page, including any notices that BMC Software issues after you receive your product shipment. You will not receive new notices by mail. However, by subscribing to proactive notification, you can receive messages that direct you to those notices. For more information about proactive notification, refer to the Customer Support page. BMC delivers software solutions that help IT transform digital enterprises for the ultimate competitive business advantage. We have worked with thousands of leading companies to create and deliver powerful IT management services. From mainframe to cloud to mobile, we pair highspeed digital innovation with robust IT industrialization allowing our customers to provide amazing user experiences with optimized IT performance, cost, compliance, and productivity. We believe that technology is the heart of every business, and that IT drives business to the digital age. BMC Bring IT to Life PAGE 15 OF 16 Copyright BMC Software, Inc. 2016

16 PAGE 16 OF 16 Copyright BMC Software, Inc. 2016

Ensuring Desktop Central Compliance to Payment Card Industry (PCI) Data Security Standard

Ensuring Desktop Central Compliance to Payment Card Industry (PCI) Data Security Standard Ensuring Desktop Central Compliance to Payment Card Industry (PCI) Data Security Standard Introduction Manage Engine Desktop Central is part of ManageEngine family that represents entire IT infrastructure

More information

PCI DSS Compliance. White Paper Parallels Remote Application Server

PCI DSS Compliance. White Paper Parallels Remote Application Server PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3

More information

SoftLayer Security and Compliance:

SoftLayer Security and Compliance: SoftLayer Security and Compliance: How security and compliance are implemented and managed Introduction Cloud computing generally gets a bad rap when security is discussed. However, most major cloud providers

More information

Safeguarding Cardholder Account Data

Safeguarding Cardholder Account Data Safeguarding Cardholder Account Data Attachmate Safeguarding Cardholder Account Data CONTENTS The Twelve PCI Requirements... 1 How Reflection Handles Your Host-Centric Security Issues... 2 The Reflection

More information

Integrated Access Management Solutions. Access Televentures

Integrated Access Management Solutions. Access Televentures Integrated Access Management Solutions Access Televentures Table of Contents OVERCOMING THE AUTHENTICATION CHALLENGE... 2 1 EXECUTIVE SUMMARY... 2 2 Challenges to Providing Users Secure Access... 2 2.1

More information

SQL Security Whitepaper SECURITY AND COMPLIANCE SOLUTIONS FOR PCI DSS PAYMENT CARD INDUSTRY DATA SECURITY STANDARD

SQL Security Whitepaper SECURITY AND COMPLIANCE SOLUTIONS FOR PCI DSS PAYMENT CARD INDUSTRY DATA SECURITY STANDARD SQL Security Whitepaper SECURITY AND COMPLIANCE SOLUTIONS FOR PCI DSS PAYMENT CARD INDUSTRY DATA SECURITY STANDARD The Payment Card Industry Data Security Standard (PCI DSS), currently at version 3.2,

More information

Control-M Workload Automation

Control-M Workload Automation White Paper Control-M Workload Automation Deploying Control-M in Amazon Web Services Cloud for version 9.0.00 PAGE 1 OF 37 Copyright BMC Software, Inc. 2017 Table of Contents Table of Contents... 2 Disclaimer...

More information

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on April 16, 2018 15:41 PM O verview 1 90% Compliance About PCI DSS 2.0 PCI-DSS is a legal obligation mandated not by government

More information

CS 356 Operating System Security. Fall 2013

CS 356 Operating System Security. Fall 2013 CS 356 Operating System Security Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5 Database

More information

12 Habits of Highly Secured Magento Merchants

12 Habits of Highly Secured Magento Merchants 12 Habits of Highly Secured Magento Merchants Jeries (Jerry) Eadeh VP of Channel Sales 5 years at Nexcess Speaker at Magento Events Small business owner @ibnwadie Have you ever left the doors unlocked?

More information

Projectplace: A Secure Project Collaboration Solution

Projectplace: A Secure Project Collaboration Solution Solution brief Projectplace: A Secure Project Collaboration Solution The security of your information is as critical as your business is dynamic. That s why we built Projectplace on a foundation of the

More information

Total Security Management PCI DSS Compliance Guide

Total Security Management PCI DSS Compliance Guide Total Security Management PCI DSS Guide The Payment Card Industry Data Security Standard (PCI DSS) is a set of regulations to help protect the security of credit card holders. These regulations apply to

More information

PCI DSS Compliance. Verba SOLUTION GUIDE. Introduction. Verba and the Payment Card Industry Data Security Standard

PCI DSS Compliance. Verba SOLUTION GUIDE. Introduction. Verba and the Payment Card Industry Data Security Standard Introduction Verba provides a complete compliance solution for merchants and service providers who accept and/or process payment card data over the telephone. Secure and compliant handling of a customer

More information

the SWIFT Customer Security

the SWIFT Customer Security TECH BRIEF Mapping BeyondTrust Solutions to the SWIFT Customer Security Controls Framework Privileged Access Management and Vulnerability Management Table of ContentsTable of Contents... 2 Purpose of This

More information

HALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD. Automated PCI compliance anytime, anywhere.

HALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD. Automated PCI compliance anytime, anywhere. HALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD Automated PCI compliance anytime, anywhere. THE PROBLEM Online commercial transactions will hit an estimated

More information

PCI DSS and the VNC SDK

PCI DSS and the VNC SDK RealVNC Limited 2016. 1 What is PCI DSS? PCI DSS (Payment Card Industry Data Security Standard) compliance is mandated by many major credit card companies, including Visa, MasterCard, American Express,

More information

Section 3.9 PCI DSS Information Security Policy Issued: November 2017 Replaces: June 2016

Section 3.9 PCI DSS Information Security Policy Issued: November 2017 Replaces: June 2016 Section 3.9 PCI DSS Information Security Policy Issued: vember 2017 Replaces: June 2016 I. PURPOSE The purpose of this policy is to establish guidelines for processing charges on Payment Cards to protect

More information

Google Cloud Platform: Customer Responsibility Matrix. December 2018

Google Cloud Platform: Customer Responsibility Matrix. December 2018 Google Cloud Platform: Customer Responsibility Matrix December 2018 Introduction 3 Definitions 4 PCI DSS Responsibility Matrix 5 Requirement 1 : Install and Maintain a Firewall Configuration to Protect

More information

Security Standards for Information Systems

Security Standards for Information Systems Security Standards for Information Systems Area: Information Technology Services Number: IT-3610-00 Subject: Information Systems Management Issued: 8/1/2012 Applies To: University Revised: 4/1/2015 Sources:

More information

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you

More information

Simple and Powerful Security for PCI DSS

Simple and Powerful Security for PCI DSS Simple and Powerful Security for PCI DSS The regulations AccessEnforcer helps check off your list. Most merchants think they are too small to be targeted by hackers. In fact, their small size makes them

More information

Google Cloud Platform: Customer Responsibility Matrix. April 2017

Google Cloud Platform: Customer Responsibility Matrix. April 2017 Google Cloud Platform: Customer Responsibility Matrix April 2017 Introduction 3 Definitions 4 PCI DSS Responsibility Matrix 5 Requirement 1 : Install and Maintain a Firewall Configuration to Protect Cardholder

More information

INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.1 SUCCESS AKAMAI SOLUTIONS BRIEF INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.

INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.1 SUCCESS AKAMAI SOLUTIONS BRIEF INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3. INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.1 SUCCESS Protect Critical Enterprise Applications and Cardholder Information with Enterprise Application Access Scope and Audience This guide is for

More information

FairWarning Mapping to PCI DSS 3.0, Requirement 10

FairWarning Mapping to PCI DSS 3.0, Requirement 10 FairWarning Mapping to PCI DSS 3.0, Requirement 10 Requirement 10: Track and monitor all access to network resources and cardholder data Logging mechanisms and the ability to track user activities are

More information

Liferay Security Features Overview. How Liferay Approaches Security

Liferay Security Features Overview. How Liferay Approaches Security Liferay Security Features Overview How Liferay Approaches Security Table of Contents Executive Summary.......................................... 1 Transport Security............................................

More information

What is PCI/DSS and What s new Presented by Brian Marshall Vanguard Professional Services

What is PCI/DSS and What s new Presented by Brian Marshall Vanguard Professional Services What is PCI/DSS and What s new Presented by Brian Marshall Vanguard Professional Services 4/28/2016 1 AGENDA 1.About Vanguard/Introductions 2.What is PCI DSS History 3.High Level Overview 4.PCI DSS 3.0/3.1/3.2

More information

VANGUARD WHITE PAPER VANGUARD INSURANCE INDUSTRY WHITEPAPER

VANGUARD WHITE PAPER VANGUARD INSURANCE INDUSTRY WHITEPAPER VANGUARD INSURANCE INDUSTRY WHITEPAPER Achieving PCI DSS Compliance with Vanguard Integrity Professionals Software & Professional Services Vanguard is the industry leader in z/os Mainframe Software to

More information

University of Sunderland Business Assurance PCI Security Policy

University of Sunderland Business Assurance PCI Security Policy University of Sunderland Business Assurance PCI Security Policy Document Classification: Public Policy Reference Central Register IG008 Policy Reference Faculty / Service IG 008 Policy Owner Interim Director

More information

WHITE PAPERS. INSURANCE INDUSTRY (White Paper)

WHITE PAPERS. INSURANCE INDUSTRY (White Paper) (White Paper) Achieving PCI DSS Compliance with Vanguard Integrity Professionals Software & Professional Services Vanguard is the industry leader in z/os Mainframe Software to ensure enterprise compliance

More information

Best Practices for PCI DSS Version 3.2 Network Security Compliance

Best Practices for PCI DSS Version 3.2 Network Security Compliance Best Practices for PCI DSS Version 3.2 Network Security Compliance www.tufin.com Executive Summary Payment data fraud by cyber criminals is a growing threat not only to financial institutions and retail

More information

PCI DSS and VNC Connect

PCI DSS and VNC Connect VNC Connect security whitepaper PCI DSS and VNC Connect Version 1.2 VNC Connect security whitepaper Contents What is PCI DSS?... 3 How does VNC Connect enable PCI compliance?... 4 Build and maintain a

More information

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud Introduction The Criminal Justice Information Security (CJIS) Policy is a publically accessible document that contains

More information

Virtustream Cloud and Managed Services Solutions for US State & Local Governments and Education

Virtustream Cloud and Managed Services Solutions for US State & Local Governments and Education Data Sheet Virtustream Cloud and Managed Services Solutions for US State & Local Governments and Education Available through NASPO ValuePoint Cloud Services VIRTUSTREAM CLOUD AND MANAGED SERVICES SOLUTIONS

More information

Introduction to AWS GoldBase

Introduction to AWS GoldBase Introduction to AWS GoldBase A Solution to Automate Security, Compliance, and Governance in AWS October 2015 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document

More information

2012PHILIPPINES ECC International :: MALAYSIA :: VIETNAM :: INDONESIA :: INDIA :: CHINA

2012PHILIPPINES ECC International :: MALAYSIA :: VIETNAM :: INDONESIA :: INDIA :: CHINA Effective Data Security Measures on Payment Cards through PCI DSS 2012PHILIPPINES ECC International :: MALAYSIA :: VIETNAM :: INDONESIA :: INDIA :: CHINA Learning Bites Comprehend the foundations, requirements,

More information

Payment Card Industry (PCI) Qualified Integrator and Reseller (QIR)

Payment Card Industry (PCI) Qualified Integrator and Reseller (QIR) Payment Card Industry (PCI) Qualified Integrator and Reseller (QIR) Implementation Instructions Version 4.0 March 2018 Document Changes Date Version Description August 2012 1.0 Original Publication November

More information

Point ipos Implementation Guide. Hypercom P2100 using the Point ipos Payment Core Hypercom H2210/K1200 using the Point ipos Payment Core

Point ipos Implementation Guide. Hypercom P2100 using the Point ipos Payment Core Hypercom H2210/K1200 using the Point ipos Payment Core PCI PA - DSS Point ipos Implementation Guide Hypercom P2100 using the Point ipos Payment Core Hypercom H2210/K1200 using the Point ipos Payment Core Version 1.02 POINT TRANSACTION SYSTEMS AB Box 92031,

More information

SECURITY PRACTICES OVERVIEW

SECURITY PRACTICES OVERVIEW SECURITY PRACTICES OVERVIEW 2018 Helcim Inc. Copyright 2006-2018 Helcim Inc. All Rights Reserved. The Helcim name and logo are trademarks of Helcim Inc. P a g e 1 Our Security at a Glance About Helcim

More information

TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES

TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES Contents Introduction... 3 The Technical and Organizational Data Security Measures... 3 Access Control of Processing Areas (Physical)... 3 Access Control

More information

W H IT E P A P E R. Salesforce Security for the IT Executive

W H IT E P A P E R. Salesforce Security for the IT Executive W HITEPAPER Salesforce Security for the IT Executive Contents Contents...1 Introduction...1 Background...1 Settings Related to Security and Compliance...1 Password Settings... 1 Session Settings... 2 Login

More information

Title: Planning AWS Platform Security Assessment?

Title: Planning AWS Platform Security Assessment? Title: Planning AWS Platform Security Assessment? Name: Rajib Das IOU: Cyber Security Practices TCS Emp ID: 231462 Introduction Now-a-days most of the customers are working in AWS platform or planning

More information

Security Standards for Electric Market Participants

Security Standards for Electric Market Participants Security Standards for Electric Market Participants PURPOSE Wholesale electric grid operations are highly interdependent, and a failure of one part of the generation, transmission or grid management system

More information

The Honest Advantage

The Honest Advantage The Honest Advantage READY TO CHALLENGE THE STATUS QUO GSA Security Policy and PCI Guidelines The GreenStar Alliance 2017 2017 GreenStar Alliance All Rights Reserved Table of Contents Table of Contents

More information

Achieving PCI Compliance: Long and Short Term Strategies

Achieving PCI Compliance: Long and Short Term Strategies Achieving PCI Compliance: Long and Short Term Strategies Murray Goldschmidt - CISSP, QSA PCI DSS Compliance Conference, 3 Dec 2009 1 www.senseofsecurity.com.au Tuesday, August 11, 2009 Overview 1. PCI

More information

BMC Control-M Test Drive Guide. Version 1.0

BMC Control-M Test Drive Guide. Version 1.0 BMC Control-M Test Drive Guide Version 1.0 Table of Contents 3 INTRODUCING BMC CONTROL-M 5 STARTING THE CONTROL-M TEST DRIVE 6 MY FIRST JOBS 12 FUNCTIONS HIGHLIGHTED IN THE TEST DRIVE INTRODUCING BMC CONTROL-M

More information

PCI PA-DSS Implementation Guide Onslip PAYAPP V2.0 for Onslip S80, Onslip S90

PCI PA-DSS Implementation Guide Onslip PAYAPP V2.0 for Onslip S80, Onslip S90 PCI PA-DSS Implementation Guide Onslip PAYAPP V2.0 for Onslip S80, Onslip S90 Revision history Revision Date Author Comments 0.1 2013-10-04 Robert Hansson Created 1.0 2014-01-14 Robert Hansson Review and

More information

INFORMATION SUPPLEMENT. Use of SSL/Early TLS for POS POI Terminal Connections. Date: June 2018 Author: PCI Security Standards Council

INFORMATION SUPPLEMENT. Use of SSL/Early TLS for POS POI Terminal Connections. Date: June 2018 Author: PCI Security Standards Council Use of SSL/Early TLS for POS POI Terminal Connections Date: Author: PCI Security Standards Council Table of Contents Introduction...1 Executive Summary...1 What is the risk?...1 What is meant by Early

More information

Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT

Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT Introduction Amazon Web Services (AWS) provides Infrastructure as a Service (IaaS) cloud offerings for organizations. Using AWS,

More information

June 2013 PCI DSS COMPLIANCE GUIDE. Look out for the tips in the blue boxes if you use Fetch TM payment solutions.

June 2013 PCI DSS COMPLIANCE GUIDE. Look out for the tips in the blue boxes if you use Fetch TM payment solutions. If your business processes Visa and MasterCard debit or credit card transactions, you need to have Payment Card Industry Data Security Standard (PCI DSS) compliance. We understand that PCI DSS requirements

More information

White paper: Agentless Backup is Not a Myth. Agentless Backup is Not a Myth

White paper: Agentless Backup is Not a Myth. Agentless Backup is Not a Myth White paper: less Backup is Not a Myth less Backup is Not a Myth White paper: less Backup is Not a Myth Executive Summary Backup and recovery software typically requires agents that are installed onto

More information

in PCI Regulated Environments

in PCI Regulated Environments in PCI Regulated Environments JULY, 2018 PCI COMPLIANCE If your business accepts payments via credit, debit, or pre-paid cards, you are required to comply with the security requirements of the Payment

More information

Designing Polycom SpectraLink VoWLAN Solutions to Comply with Payment Card Industry (PCI) Data Security Standard (DSS)

Designing Polycom SpectraLink VoWLAN Solutions to Comply with Payment Card Industry (PCI) Data Security Standard (DSS) Designing Polycom SpectraLink VoWLAN Solutions to Comply with Payment Card Industry (PCI) Data Security Standard (DSS) January 2009 1 January 2009 Polycom White Paper: Complying with PCI-DSS Page 2 1.

More information

Atmosphere Fax Network Architecture Whitepaper

Atmosphere Fax Network Architecture Whitepaper Atmosphere Fax Network Architecture Whitepaper Contents Introduction... 3 The 99.99% Uptime Fax Network... 4 Reliability and High Availability... 5 Security... 7 Delivery... 9 Network Monitoring... 11

More information

Payment Card Industry Data Security Standard (PCI-DSS) Implementation Guide For XERA POS Version 1

Payment Card Industry Data Security Standard (PCI-DSS) Implementation Guide For XERA POS Version 1 Payment Card Industry Data Security Standard (PCI-DSS) Implementation Guide For XERA POS Version 1 2 XERA POS Payment Card Industry Data Security Standard (PCI-DSS) Implementation Guide XERA POS Version

More information

ClearPath OS 2200 System LAN Security Overview. White paper

ClearPath OS 2200 System LAN Security Overview. White paper ClearPath OS 2200 System LAN Security Overview White paper Table of Contents Introduction 3 Baseline Security 3 LAN Configurations 4 Security Protection Measures 4 Software and Security Updates 4 Security

More information

PCI PA-DSS Implementation Guide

PCI PA-DSS Implementation Guide PCI PA-DSS Implementation Guide For Atos Worldline Banksys XENTA, XENTEO, XENTEO ECO, XENOA ECO YOMANI and YOMANI XR terminals using the Point BKX Payment Core Software Versions A05.01 and A05.02 Version

More information

Support for the HIPAA Security Rule

Support for the HIPAA Security Rule white paper Support for the HIPAA Security Rule PowerScribe 360 Reporting v1.1 healthcare 2 Summary This white paper is intended to assist Nuance customers who are evaluating the security aspects of PowerScribe

More information

LOGmanager and PCI Data Security Standard v3.2 compliance

LOGmanager and PCI Data Security Standard v3.2 compliance LOGmanager and PCI Data Security Standard v3.2 compliance Whitepaper how deploying LOGmanager helps to maintain PCI DSS regulation requirements Many organizations struggle to understand what and where

More information

Oracle Hospitality OPERA Cloud Services Security Guide Release 1.20 E June 2016

Oracle Hospitality OPERA Cloud Services Security Guide Release 1.20 E June 2016 Oracle Hospitality OPERA Cloud Services Security Guide Release 1.20 E69079-01 June 2016 Copyright 2016, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided

More information

WHITE PAPER. Good Mobile Intranet Technical Overview

WHITE PAPER. Good Mobile Intranet Technical Overview WHITE PAPER Good Mobile Intranet CONTENTS 1 Introduction 4 Security Infrastructure 6 Push 7 Transformations 8 Differential Data 8 Good Mobile Intranet Server Management Introduction Good Mobile Intranet

More information

Storage Made Easy. SoftLayer

Storage Made Easy. SoftLayer Storage Made Easy Providing an Enterprise File Fabric for SoftLayer STORAGE MADE EASY ENTERPRISE FILE FABRIC FOR SOFTLAYER The File Fabric is a comprehensive multi-cloud data security solution built on

More information

GlobalSCAPE EFT Server. HS Module. High Security. Detail Review. Facilitating Enterprise PCI DSS Compliance

GlobalSCAPE EFT Server. HS Module. High Security. Detail Review. Facilitating Enterprise PCI DSS Compliance GlobalSCAPE EFT Server HS Module High Security Facilitating Enterprise PCI DSS Compliance Detail Review Table of Contents Understanding the PCI DSS 3 The Case for Compliance 3 The Origin of the Standard

More information

PCI DSS 3.2 AWARENESS NOVEMBER 2017

PCI DSS 3.2 AWARENESS NOVEMBER 2017 PCI DSS 3.2 AWARENESS NOVEMBER 2017 1 AGENDA PCI STANDARD OVERVIEW PAYMENT ENVIRONMENT 2ACTORS PCI ROLES AND RESPONSIBILITIES MERCHANTS COMPLIANCE PROGRAM PCI DSS 3.2 REQUIREMENTS 2 PCI STANDARD OVERVIEW

More information

Privileged Account Security: A Balanced Approach to Securing Unix Environments

Privileged Account Security: A Balanced Approach to Securing Unix Environments Privileged Account Security: A Balanced Approach to Securing Unix Environments Table of Contents Introduction 3 Every User is a Privileged User 3 Privileged Account Security: A Balanced Approach 3 Privileged

More information

Comodo HackerGuardian. PCI Security Compliance The Facts. What PCI security means for your business

Comodo HackerGuardian. PCI Security Compliance The Facts. What PCI security means for your business Comodo HackerGuardian PCI Security Compliance The Facts What PCI security means for your business Overview The Payment Card Industry Data Security Standard (PCI DSS) is a set of 12 requirements intended

More information

Addressing PCI DSS 3.2

Addressing PCI DSS 3.2 Organizational Challenges Securing the evergrowing landscape of devices while keeping pace with regulations Enforcing appropriate access for compliant and non-compliant endpoints Requiring tools that provide

More information

Netwrix Auditor for Active Directory

Netwrix Auditor for Active Directory Netwrix Auditor for Active Directory Quick-Start Guide Version: 8.0 4/22/2016 Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment

More information

UCOP ITS Systemwide CISO Office Systemwide IT Policy. UC Event Logging Standard. Revision History. Date: By: Contact Information: Description:

UCOP ITS Systemwide CISO Office Systemwide IT Policy. UC Event Logging Standard. Revision History. Date: By: Contact Information: Description: UCOP ITS Systemwide CISO Office Systemwide IT Policy UC Event Logging Standard Revision History Date: By: Contact Information: Description: 05/02/18 Robert Smith robert.smith@ucop.edu Approved by the CISOs

More information

Concord Fax Network Architecture. White Paper

Concord Fax Network Architecture. White Paper Concord Fax Network Architecture White Paper Page 2 Table of Contents Introduction 3 The 99.99% Uptime Fax Network 4 Reliability and High Availability 5 Security 9 Delivery 14 Network Monitoring 19 About

More information

WHITE PAPER Cloud FastPath: A Highly Secure Data Transfer Solution

WHITE PAPER Cloud FastPath: A Highly Secure Data Transfer Solution WHITE PAPER Cloud FastPath: A Highly Secure Data Transfer Solution Tervela helps companies move large volumes of sensitive data safely and securely over network distances great and small. We have been

More information

Mapping BeyondTrust Solutions to

Mapping BeyondTrust Solutions to TECH BRIEF Privileged Access Management and Vulnerability Management Purpose of This Document... 3 Table 1: Summary Mapping of BeyondTrust Solutions to... 3 What is the Payment Card Industry Data Security

More information

Easy-to-Use PCI Kit to Enable PCI Compliance Audits

Easy-to-Use PCI Kit to Enable PCI Compliance Audits Easy-to-Use PCI Kit to Enable PCI Compliance Audits Version 2.0 and Above Table of Contents Executive Summary... 3 About This Guide... 3 What Is PCI?... 3 ForeScout CounterACT... 3 PCI Requirements Addressed

More information

Securing Amazon Web Services (AWS) EC2 Instances with Dome9. A Whitepaper by Dome9 Security, Ltd.

Securing Amazon Web Services (AWS) EC2 Instances with Dome9. A Whitepaper by Dome9 Security, Ltd. Securing Amazon Web Services (AWS) EC2 Instances with Dome9 A Whitepaper by Dome9 Security, Ltd. Amazon Web Services (AWS) provides business flexibility for your company as you move to the cloud, but new

More information

Ready Theatre Systems RTS POS

Ready Theatre Systems RTS POS Ready Theatre Systems RTS POS PCI PA-DSS Implementation Guide Revision: 2.0 September, 2010 Ready Theatre Systems, LLC - www.rts-solutions.com Table of Contents: Introduction to PCI PA DSS Compliance 2

More information

Internal Audit Report DATA CENTER LOGICAL SECURITY

Internal Audit Report DATA CENTER LOGICAL SECURITY Internal Audit Report DATA CENTER LOGICAL SECURITY Report No. SC 12 06 June 2012 David Lane Principal IT Auditor Jim Dougherty Principal Auditor Approved Barry Long, Director Internal Audit & Advisory

More information

SailPoint IdentityIQ Integration with the BeyondInsight Platform. Providing Complete Visibility and Auditing of Identities

SailPoint IdentityIQ Integration with the BeyondInsight Platform. Providing Complete Visibility and Auditing of Identities SailPoint IdentityIQ Integration with the BeyondInsight Platform Providing Complete Visibility and Auditing of Identities Table of Contents Executive Summary... 3 Identity and Access Management... 5 BeyondTrust

More information

PCI DSS 3.1 is here. Are you ready? Mike Goldgof Sr. Director Product Marketing

PCI DSS 3.1 is here. Are you ready? Mike Goldgof Sr. Director Product Marketing PCI DSS 3.1 is here. Are you ready? Mike Goldgof Sr. Director Product Marketing 1 WhiteHat Security Application Security Company Leader in the Gartner Magic Quadrant Headquartered in Santa Clara, CA 320+

More information

PCI PA - DSS. Point Vx Implementation Guide. Version For VeriFone Vx520, Vx680, Vx820 terminals using the Point Vx Payment Core (Point VxPC)

PCI PA - DSS. Point Vx Implementation Guide. Version For VeriFone Vx520, Vx680, Vx820 terminals using the Point Vx Payment Core (Point VxPC) PCI PA - DSS Point Vx Implementation Guide For VeriFone Vx520, Vx680, Vx820 terminals using the Point Vx Payment Core (Point VxPC) Version 2.02 POINT TRANSACTION SYSTEMS AB Box 92031, 120 06 Stockholm,

More information

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

Insurance Industry - PCI DSS

Insurance Industry - PCI DSS Achieving PCI DSS Compliance with Vanguard Integrity Professionals Software & Professional Services. Vanguard is the industry leader in z/os Mainframe Software to ensure enterprise compliance with the

More information

Best practices with Snare Enterprise Agents

Best practices with Snare Enterprise Agents Best practices with Snare Enterprise Agents Snare Solutions About this document The Payment Card Industry Data Security Standard (PCI/DSS) documentation provides guidance on a set of baseline security

More information

A Perfect Fit: Understanding the Interrelationship of the PCI Standards

A Perfect Fit: Understanding the Interrelationship of the PCI Standards A Perfect Fit: Understanding the Interrelationship of the PCI Standards 9/5/2008 Agenda Who is the Council? Goals and target for today s Webinar Overview of the Standards and who s who PCI DSS PA-DSS PED

More information

PCI Compliance Assessment Module with Inspector

PCI Compliance Assessment Module with Inspector Quick Start Guide PCI Compliance Assessment Module with Inspector Instructions to Perform a PCI Compliance Assessment Performing a PCI Compliance Assessment (with Inspector) 2 PCI Compliance Assessment

More information

Twilio cloud communications SECURITY

Twilio cloud communications SECURITY WHITEPAPER Twilio cloud communications SECURITY From the world s largest public companies to early-stage startups, people rely on Twilio s cloud communications platform to exchange millions of calls and

More information

Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard Payment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire Version 1.0 Release: December 2004 How to Complete the Questionnaire The questionnaire is divided into six sections. Each

More information

epldt Web Builder Security March 2017

epldt Web Builder Security March 2017 epldt Web Builder Security March 2017 TABLE OF CONTENTS Overview... 4 Application Security... 5 Security Elements... 5 User & Role Management... 5 User / Reseller Hierarchy Management... 5 User Authentication

More information

Overview: Compliance and Security Management PCI-DSS Control Compliance Suite Overview

Overview: Compliance and Security Management PCI-DSS Control Compliance Suite Overview PCI DSS stands for Payment Card Industry Data Security Standard. It was developed by the major credit card companies as a guideline to help organizations that process card payments prevent credit card

More information

AuthAnvil for Retail IT. Exploring how AuthAnvil helps to reach compliance objectives

AuthAnvil for Retail IT. Exploring how AuthAnvil helps to reach compliance objectives AuthAnvil for Retail IT Exploring how AuthAnvil helps to reach compliance objectives AuthAnvil for Retail IT Exploring how AuthAnvil helps to reach compliance objectives As companies extend their online

More information

Installing and Administering a Satellite Environment

Installing and Administering a Satellite Environment IBM DB2 Universal Database Installing and Administering a Satellite Environment Version 8 GC09-4823-00 IBM DB2 Universal Database Installing and Administering a Satellite Environment Version 8 GC09-4823-00

More information

Technical Overview. Access control lists define the users, groups, and roles that can access content as well as the operations that can be performed.

Technical Overview. Access control lists define the users, groups, and roles that can access content as well as the operations that can be performed. Technical Overview Technical Overview Standards based Architecture Scalable Secure Entirely Web Based Browser Independent Document Format independent LDAP integration Distributed Architecture Multiple

More information

The Nasuni Security Model

The Nasuni Security Model White Paper Nasuni enterprise file services ensures unstructured data security and privacy, enabling IT organizations to safely leverage cloud storage while meeting stringent governance and compliance

More information

In-Depth Guide to PaperVision Enterprise

In-Depth Guide to PaperVision Enterprise 800.422.1330 In-Depth Guide to is a simple and searchable enterprise content management (ECM) system. Securley store, share and collaborate on any type of information with unlimited users inside. 800.422.1330

More information

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045 Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that

More information

ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE

ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE INTRODUCTION In line with commercial industry standards, the data center used by EndNote employs a dedicated security team to protect our

More information

KantanMT.com. Security & Infra-Structure Overview

KantanMT.com. Security & Infra-Structure Overview KantanMT.com Security & Infra-Structure Overview Contents KantanMT Platform Security... 2 Customer Data Protection... 2 Application Security... 2 Physical and Environmental Security... 3 ecommerce Transactions...

More information

Daxko s PCI DSS Responsibilities

Daxko s PCI DSS Responsibilities ! Daxko s PCI DSS Responsibilities According to PCI DSS requirement 12.9, Daxko will maintain all applicable PCI DSS requirements to the extent the service prov ider handles, has access to, or otherwise

More information

Datasheet. Only Workspaces delivers the features users want and the control that IT needs.

Datasheet. Only Workspaces delivers the features users want and the control that IT needs. Datasheet Secure SECURE Enterprise ENTERPRISE File FILE Sync, SYNC, Sharing SHARING and AND Content CONTENT Collaboration COLLABORATION BlackBerry Workspaces makes enterprises more mobile and collaborative,

More information

IPM Secure Hardening Guidelines

IPM Secure Hardening Guidelines IPM Secure Hardening Guidelines Introduction Due to rapidly increasing Cyber Threats and cyber warfare on Industrial Control System Devices and applications, Eaton recommends following best practices for

More information

Comprehensive Database Security

Comprehensive Database Security Comprehensive Database Security Safeguard against internal and external threats In today s enterprises, databases house some of the most highly sensitive, tightly regulated data the very data that is sought

More information

Technical Overview of DirectAccess in Windows 7 and Windows Server 2008 R2. Microsoft Windows Family of Operating Systems

Technical Overview of DirectAccess in Windows 7 and Windows Server 2008 R2. Microsoft Windows Family of Operating Systems Technical Overview of in Windows 7 and Windows Server 2008 R2 Microsoft Windows Family of Operating Systems Published: January 2009 This document supports a preliminary release of a software product that

More information