Insurance brokers can assist clients that handle payment card transactions through a POS system to identify common compliance failures by asking the following questions:
Were payment processing systems installed and configured with the assistance of a systems integrator, reseller or consultant qualified by the PCI Security Standards Council Qualified Integrators and Resellers (QIR)™ program?
Have all default and vendor supplied passwords for payment systems been modified?
Are all the devices and servers that handle payment card transactions inside the network completely segmented by firewalls at each internet connection as well as from the remainder of your corporate network?
Has access been restricted to and from the PCI environment to only necessary systems and ports inside your corporate environment?
Do you restrict external traffic from “untrusted” networks and hosts?
Have you prohibited direct public access between the internet and all components inside your PCI environment?
Was this article valuable?
Here are more articles you may enjoy.