In the current environment of social distancing and uncertainty, as a store or restaurant operator, you are focusing on protecting staff, customers and your business. However, it’s also critical to make sure you don’t let your guard down when it comes to protecting your network.
Even with the increasing number of people working remotely and the reliance on third-party technicians, with the right solution, you can still enable them to securely connect to POS, DVR, ATG and other inherently insecure devices in a PCI compliant manner. What this means to you is that your operations and support personnel don’t have to go onsite to access local devices. Instead, they can securely and remotely connect to resolve issues and keep your store up and running.
PCI DSS requirements
When looking for a remote access solution, you want to make sure you are adhering to the PCI Security Standards Council requirements. Two of these, PCI DSS r. 12.3.8 and 12.3.9, stipulate that remote access for vendors and business partners be provided only when needed and automatically disconnect after a period of inactivity.
PCI DSS 12.3.8 Automatic disconnect of sessions for remote-access technologies after a specific period of inactivity
PCI DSS 12.3.9 Activation of remote-access technologies for vendors and business partners only when needed by vendors and business partners, with immediate deactivation after use
SOURCE: PCI Security Standards Council (PCI SSC)
A secure, PCI compliant solution for remote access
Acumera recently introduced its AcuLink Endpoint Connection Service, which allows endpoint devices to be fully isolated on local segments but still be accessible by operations and support personnel in a PCI DSS compliant way from any location. Instead of going onsite, they can securely and remotely connect — resulting in accelerated service, reduced technician visits and expenses, and faster issue resolution.
• Simple one-click activation of remote sessions
• Pre-defined, automatic disconnection of remote sessions
• Authenticated, logged and secured ephemeral connections
• Compliance with PCI DSS remote access requirements 12.3.8 and 12.3.9
• Remote access of POS to accelerate service and reduce technician travel and expense
• Compliant remote access to legacy devices like DVRs and ATGs
Through July 31, 2020, Acumera is offering the new AcuLink Endpoint app at no additional charge to current clients with C-Store Connections or a comparable package. Contact Acumera at 512.687.7410 or firstname.lastname@example.org for more details.
Organizations that require an annual PCI compliance audit have many options when it comes to choosing a Qualified Security Assessor (QSA) company. While the PCI Security Standards Council validates each QSA company’s adherence to the PCI DSS, there are still differences between QSA companies, their approach …
Organizations can improve their compliance status and reduce the internal burden of compliance by carefully choosing PCI compliant service providers. Selecting the right provider for your company requires careful attention to detail since there is a wide variety of service providers and levels of services they …
The Cybersecurity and Infrastructure Security Agency (CISA) has released a notice regarding updates to the Iranian Cyber Threat Profile. You can view the original article online: https://www.us-cert.gov/ncas/alerts/aa20-006a. CISA advises that organizations consider these action items: Adopt a state of heightened awareness. Minimize gaps in personnel coverage, consistently …