1) The person who discovers the incident will call the grounds dispatch office. List possible sources of those who may discover the incident. The known sources should be provided with a contact procedure and contact list. Sources requiring contact information may be: a) Helpdesk b) Intrusion detection monitoring personnel c) A system administrator d) A [...]
Wired has an article outlining a new lawsuit started by a merchant regarding fines levied by Visa and Mastercard after they have determined a breach of security in the merchants systems. The merchant states that they had no way of disputing the allegations that there was a breach of security allowing card numbers to be [...]
Here is a very simple network diagram showing the physical connections from the internet to the various network segments. You will notice that there are 3 distinct zones, each separated from the others with a firewall. This is required by PCI standards. Only the DMZ should have direct access to and from the internet the [...]
The following tasks should be conducted on a periodic basis. Probably the best way to do this is to setup appointments in your calendar software. Each time a task is completed it should be documented with a ticket in your ticketing system (for example Mantis) and signed off by at least two different parties. [...]
1.3 Prohibit direct public access between the Internet and any system component in the cardholder data environment.
1.2 Build firewall and router configurations that restrict connections between untrusted networks and any system components in the cardholder data environment. Note: An ―untrusted network is any network that is external to the networks belonging to the entity under review, and/or which is out of the entity’s ability to control or manage.
Change Number __________ Submitted By ____________ Signature ______________ Date _____________ Approved By ____________ Signature _______________ Date _____________ Implemented By ___________ Signature ______________ Date _____________ Source____________________ Destination____________________ Port____________________ Action____________________ Business Purpose____________________ For any insecure services, protocols, or ports please provide description of additional security controls put into place to mediate the risk. Examples of insecure services, protocols, [...]
Audit Date ________________ Audited By ________________ Signature _________________ Approved By _______________ Signature __________________ No. Source Destination Port Action Business Purpose Change Request Number Mitigating Controls 1 Any www.domain.com(192.168.2.111) HTTP(80) Allow Allow outside computers to connect to webserver on port 80 1125 2 Any www.domain.com(192.168.2.111) HTTPS(443) Allow Allow outside computers to connect to webserver on [...]
Firewalls must be placed at each Internet Connection and between the DMZ and the internal network zone. The Security Officer must approve all changes made to the firewall. IT Admins are the only ones that shall have access to make changes to the firewall. All changes to the firewall must follow the Firewall Change Procedure [...]
1.1 Establish firewall and router configuration standards that include the following: Firewalls and routers are the first line of defense for any network. These devices block unwanted traffic in and out of the network. Without policies and procedures in place to manage and document the changes and configurations to firewalls and routers any organization could [...]