Philotimo (“do the right thing”) your Network

“Do the right thing” = Philotimo

PCI compliance best practices (from page 13 of the PCI DSS 3.0 document):

  1. Monitoring of security controls—such as firewalls, intrusion-detection systems/intrusion-prevention systems (IDS/IPS), file-integrity monitoring (FIM), anti-virus, access controls, etc.—to ensure they are operating effectively and as intended.
  2. Ensure all failures in security controls, such as firewalls and IDS/IPS, file integrity monitoring, anti-virus.
  3. Review changes to environment
    1. Determine impact to PCI DSS scope
    2. Identify PCI DSS requirements applicable to item affected by the change
    3. Update PCI DSS scope and implement security controls as appropriate
  4. Changes to organizational structure (adding offices, mergers, etc.)
  5. Periodic reviews and communications
  6. Review hardware and software at least annually to confirm that it continues to be supported by the vendor. Alpha scan helps you review your systems.

We need a permission document.

Then we nmap scan your systems.

If certain ports are open, I may perform a vulnerability scan using tools.

I write a report if problems exist.

Your IT department fixes the problem.

I run another scan to see if the problem was fixed.

I will write another report and discuss it with you.

$500 per IP address for external IPs. For internal IPs (which require an onsite visit), an onsite fee is assessed.
