![]() ![]() Reference Records Retention/Destruction for guidance on retention periods.Storage, disposal, sanitization, and physical access control:. ![]() Enabling security event logging and a password-protected screen saverĮach faculty, school and division is responsible for protecting hardcopies of sensitive cardholder data, and softcopies of such data, generated or stored on devices:.Maintaining up-to-date personal firewalls and anti-virus software.The minimum configuration for such devices includes: End-user DevicesĪny time end-user devices are able to connect to the e-commerce environment for administrative or any other purpose beyond executing a standard payment transaction, that end-user device is considered within the scope of the e-commerce environment.Īll end-user devices must be authorized, configured and managed by the TRU ITS Division. Transmitting financial information via digital fax machines is prohibited as these devices are not point-to-point and are, therefore, considered no more secure than email. In compliance with TRU's Information Classification Standards, financial information may only be transmitted via analogue fax machines. If wireless networking is deemed to be required, an exception must be requested from the TRU PCI Steering Committee. TRU's network excluding cellular networks may not be used for payment card transactions. Only computing devices including servers, end-user devices and networks managed by IT Services will be authorized to perform credit card transactions by the PCI Steering Committee. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |