Home page logo

educause logo Educause Security Discussion mailing list archives

Re: PCI Compliance Policies
From: "Penn, Blake" <pennb () UWW EDU>
Date: Thu, 19 Jul 2007 12:55:11 -0500

30 June 2005 was the *compliance* deadline (back with the "old" 1.0
requirements).  1.1 requirements are in effect now.  September is when VISA
is mandating *validation* (as opposed to compliance) for level 2 merchants.
MasterCard is not requiring validation for level 2 merchants until the end
of 2008, though.  Every merchant level is currently required to comply with
all the requirements, however.

Blake Penn, CISSP                            
Information Security Officer         
University of Wisconsin-Whitewater
(p) 262-472-7792 (f) 262-472-1285
pennb () uww edu | http://www.uww.edu/security 

-----Original Message-----
From: Roger Safian [mailto:r-safian () NORTHWESTERN EDU] 
Sent: Thursday, July 19, 2007 12:20 PM
Subject: Re: [SECURITY] PCI Compliance Policies

At 12:14 PM 7/19/2007, Theresa M Rowe put fingers to keyboard and wrote:
Is ANYONE going to be compliant by the September deadline??  Did you use a 
consultant to get there?

What is the September deadline?  I thought compliance was supposed to start
on 1/1/06?  

FWIW, we're still working on compliance...it's pretty time consuming.

Roger A. Safian 
r-safian () northwestern edu (email) public key available on many key servers.
(847) 491-4058   (voice)
(847) 467-6500   (Fax) "You're never too old to have a great childhood!"

Attachment: smime.p7s

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]