Home page logo

educause logo Educause Security Discussion mailing list archives

Re: RuffaloCODY Fundraising Management question
From: Walter Petruska <wpetruska () USFCA EDU>
Date: Thu, 20 Jun 2013 09:42:47 -0700

My question was mostly about how you delineate in your service agreement
the responsibilities or Scope of PCI between ruffalocody and your own

Is it in the service agreement, is it in an attached diagram or what?
On Jun 20, 2013 9:20 AM, "Coffman, Tobiah" <tcoffman () bsu edu> wrote:


** **

We have RuffaloCODY on our campus.  I have somewhat limited knowledge of
the setup, but I can answer what I know and try to get answers for anything

** **

-Tobey Coffman, CISSP****

Director of Information Security****

Ball State University****

** **

*From:* The EDUCAUSE Security Constituent Group Listserv [mailto:
SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Walter Petruska
*Sent:* Wednesday, June 19, 2013 3:07 PM
*Subject:* [SECURITY] RuffaloCODY Fundraising Management question****

** **

Could any of you who have RuffaloCODY as a service provider, operating ON
your campus (and therefore within your facilities/on your network, etc.)
please contact me directly (off-list) for a brief discussion.

The topic is past performance, and specifically, PCI-compliance and where
to draw the contract and technology and organizational lines to maintain
compliance of each party (RuffaloCODY & your institution)****

Thanks much-

-- ****

*Walter Petruska CISSP, CISA, CGEIT*
*Information Security Officer*

*University of San Francisco*
Lone Mountain North - 2nd Floor
2130 Fulton Street
San Francisco, CA 94117
*ITS Help Desk*, Phone: 415-422-6668


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]