tag:blogger.com,1999:blog-5704248368030212351.post2754848229185614463..comments2023-07-06T08:03:57.025-04:00Comments on PCI DSS News and Information for Higher Education: On the Eve of PCI DSS 3.0: Scope CreepGenehttp://www.blogger.com/profile/13307650260688914470noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-5704248368030212351.post-63814342933418970242014-03-03T15:44:49.574-05:002014-03-03T15:44:49.574-05:00Hi Mark: See this blog later this week for some an...Hi Mark: See this blog later this week for some answers. The external payment page environment is addressed in a new SAQ version, and it's a doozy!<br /><br />Gene<br />Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-5704248368030212351.post-55777061009515970772014-01-13T04:39:34.911-05:002014-01-13T04:39:34.911-05:00Very interesting article. just discovered the &quo...Very interesting article. just discovered the "PCI DSS E-commerce Guidelines".<br /><br />Unfortunately, this guide is not clear enough from my point of view about whether merchants that use an external payment page are extracted from PCI DSS responsibilities. But, as we known it is.<br /><br />How to "secure page with redirection code" ?<br /><br />1 Enforce file-integrity monitoring on the web repository.<br />2 Enforce strong password on admin interface<br />3 Enforce Web servers and frameworks patch management<br />4 Enforce OWASP web guidelines <br /><br />With that, a hacker will not be able to modify the redirection code.Markhttp://www.pci-initiative.orgnoreply@blogger.com