[Kolab-devel] PCI compliance?

Jerry Pommer jpommer at bynari.net
Mon Aug 30 16:39:23 CEST 2010


Hello all,

Here in the United States, businesses that accept credit cards through
websites and such are expected to comply with the Payment Card Industry
Data Security Standard:

http://www.pcicomplianceguide.org/pcifaqs.php

Part of compliance with this standard includes subjecting your network
to a "compliance scan" and audit every six months. The scan and manual
audit identify vulnerabilities in firewalls and installed software. To
meet the compliance standard you might have to upgrade Apache or PHP,
for example, if the version you are running is known to contain a
vulnerability that could compromise the security of your customer's
credit card transaction data. Failure to comply may result in fines and
other costs levied by the credit card companies until the problem is
resolved.

Is the Kolab development community paying attention to this, and taking
steps at regular intervals to patch the server when necessary? I have
searched the list archives back to January 2009 and found no discussion
of such.

Thank you,

Jerry Pommer

-- 
Jerry Pommer
Bynari, Inc.
222 W Las Colinas Blvd, Suite 1320N
Irving, Tx  75039

www.bynari.net
jpommer at bynari.net
214-350-5772 x57




More information about the devel mailing list