cbs pci webinar - april

Your HostsYour Hosts

Gary Stotko

•CBS Vice President of Sales and Marketing•Technology Service Provider for the Hospitality Industry

Patrick Purcell •Tekmark Director of Business Development•Managed Security Service Provider

• One of the nations largest hospitality technology providers.

• Our customers are large, multi-unit chains to single-unit operators.

• We understand the needs of the small operator while being able to satisfy the demands of a large chain.

3 3 Points to RememberPoints to Remember

3 3 Points to RememberPoints to Remember

THIS COULD PUT YOU OUT OF BUSINESS!!THIS COULD PUT YOU OUT OF BUSINESS!!

3 3 Points to RememberPoints to Remember

Are you willing to take this risk?Are you willing to take this risk?

Before we start…

Foundation for your PCI StrategyFoundation for your PCI Strategy

PCI Data Security Standard

Operating System

POS Software

Hardware

• What Is Compliant– Windows 7 on Server– Windows XP SP3– Windows POSReady 2009 on Terminals

• What Is Not Compliant– Windows 2000, 98, 95, XP SP 1 + 2– Windows XP Embedded SP 1 & 2

• What is the Risk of an old Operating System?

Operating System

• What is Compliant– Current Windows OS on Server and Terminals– PCI-compliant version of POS• POSitouch 5.32-4 for existing deployments

– All Other System Software• Midnight Express v 4.0• Transaction Plus v 7.09

• What is Not Compliant– POSitouch: 5.31 and earlier

POS Software

• All Terminals and Workstations• Back-office Server• Firewall• Older Terminals: – IBM 53C, 521, 531, 532, J2 520, J2

560, Posiflex 5800 Series

Hardware

Your Old Hardware May Not Work With Your Updated OS and POS!

PCI Data Security Standard

• Data Security Standard (DSS)• Firewall• PCI Scanning by Approved Scanning Vendor (ASV)• Self-Assessment Questionnaire (SAQ)

DSS:DSS:12 Key Security Requirements12 Key Security Requirements

• PCI Security Starts Here– Requirement #1 of PCI DSS

• Stops Intruders, Viruses, and Malware• Enables Secure Remote Access– No more PC Anywhere!

• Manage it actively or it’s Useless

More than 3 years old? Chances are it’s End Of Life and NOT COMPLIANT!

FirewallFirewall

• Must be performed Quarterly• Must be done by ASV• Scanning Report leads to Remediation

Who Will Help Fix The Problems Found By Scanning?

PCI Scanning by ASVPCI Scanning by ASV

Self-Assessment QuestionnaireSelf-Assessment Questionnaire

• Annual Submission to Brands and Banks

• Must be signed by Store Operator

Over 200 questions and

49 pages long!

What to Do NextWhat to Do Next

Where Can You get Help?Where Can You get Help?

Watch for our Watch for our next webinar in next webinar in

June!June!

PCI Security ResourcesPCI Security Resourceswww.pcisecuritystandards.org/smbwww.pcisecuritystandards.org/smb

FREE OFFER!FREE OFFER!

• Tekmark is an Approved Scanning Vendor!

• PCI Scan to the first 5 attendees to contact us *subject to conditions

• Simply call or email Tekmark for your initial consultation and reserve your FREE PCI Scan

Custom Business SolutionsGary Stotko

Vice President Sales949-380-POSI (7674)

gary.stotko@cbsnorthstar.com

Tekmark Global SolutionsPatrick Purcell

Director, Business Development732-383-1322

ppurcell@tekmarkinc.com

Thank You for Joining!