Requirement 6: Develop And Maintain Secure Systems And Applications; Implement Strong Access Control Measures; Requirement 7: Restrict Access To Cardholder Data By Business Need To Know - VeriFone Vx520 Implementation Manual
Payment core
Hide thumbs
Also See for Vx520:
- Reference manual (190 pages) ,
- Installation manual (64 pages) ,
- User manual (37 pages)
Table of Contents
Advertisement
Requirement 6: Develop and maintain secure systems and applications
a. What the requirement says
"Unscrupulous individuals use security vulnerabilities to gain privileged access to systems. Many of
these vulnerabilities are fixed by vendor-provided security patches, which must be installed by the
entities that manage the systems. All systems must have all appropriate software patches to protect
against exploitation and compromise of cardholder data by malicious individuals and malicious soft-
ware.
Note: Appropriate software patches are those patches that have been evaluated and tested suffi-
ciently to determine that the patches do not conflict with existing security configurations. For in-
house developed applications, numerous vulnerabilities can be avoided by using standard system
development processes and secure coding techniques.", reference 2.
b. How your Point Vx helps you meet this requirement
Point Transaction Systems constantly works with the latest security findings and requirements
throughout the life cycle of your Point Vx. This includes automatic SW updates whenever necessary.
c. What this means to you
You should keep your system up to date with software updates, operating system updates, and any
other security patches.
For the Point Vx you do not need to take any action.
2.4. Implement Strong Access Control Measures
Requirement 7: Restrict access to cardholder data by business need to know
a. What the requirement says
© 2015 VeriFone. All rights reserved. VeriFone, the VeriFone logo, Vx, Mx, VeriCentre, VeriShield, Verix V, Verix and PAYware are either
trademarks or registered trademarks of VeriFone in the United States and/or other countries. All other trademarks or brand names are the
properties of their respective holders. All features and specifications are subject to change without notice.
The information contained in this document is confidential and property of VeriFone, Inc. This material may not be copied or published, or
divulged in part or in totality without written permission form VeriFone, Inc.
Author
Jevgenijs Smirnovs
E-mail
jevgenijs.smirnovs@verifone.com
Phone
+371 67844726
Document name
Verifone Payment Core
Point VxPC F02.01.xxx
Implementation Guide
Date
12-Jun-2015
Page number
Version
16
1.0
Hide quick links:
Advertisement
Table of Contents
