[Kolab-devel] PCI compliance?

Gunnar Wrobel wrobel at kolabsys.com
Wed Sep 1 19:16:06 CEST 2010

Zitat von Jerry Pommer <jpommer at bynari.net>:

> Hello all,
> Here in the United States, businesses that accept credit cards through
> websites and such are expected to comply with the Payment Card Industry
> Data Security Standard:
> http://www.pcicomplianceguide.org/pcifaqs.php
> Part of compliance with this standard includes subjecting your network
> to a "compliance scan" and audit every six months. The scan and manual
> audit identify vulnerabilities in firewalls and installed software. To
> meet the compliance standard you might have to upgrade Apache or PHP,
> for example, if the version you are running is known to contain a
> vulnerability that could compromise the security of your customer's
> credit card transaction data. Failure to comply may result in fines and
> other costs levied by the credit card companies until the problem is
> resolved.
> Is the Kolab development community paying attention to this, and taking
> steps at regular intervals to patch the server when necessary? I have
> searched the list archives back to January 2009 and found no discussion
> of such.

We do take security serious of course and if you look at  
http://kolab.org/ you will see that we publish security fixes when  

I do not know anything about PCI-compliance though but that might be  
linked to the fact that I'm a developer living in Germany. My focus is  
on the technical side of the server. I added Georg and Paul on cc.  
They should be able to provide more details.



> Thank you,
> Jerry Pommer
> --
> Jerry Pommer
> Bynari, Inc.
> 222 W Las Colinas Blvd, Suite 1320N
> Irving, Tx  75039
> www.bynari.net
> jpommer at bynari.net
> 214-350-5772 x57
> _______________________________________________
> Kolab-devel mailing list
> Kolab-devel at kolab.org
> https://kolab.org/mailman/listinfo/kolab-devel

Gunnar Wrobel
Developer, Kolab Systems AG

e: wrobel at kolabsys.com
t: +49 700 6245 0000
w: http://www.kolabsys.com

pgp: 9703 43BE

This message was sent using IMP, the Internet Messaging Program.

More information about the devel mailing list