Vantiv eprotect iframe Technical Assessment Paper Prepared for:

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Vantiv eprotect iframe Technical Assessment Paper Prepared for:"

Transcription

1 Vantiv eprtect iframe Technical Assessment Paper Prepared fr: Octber 13, 2015

2 P a g e 2 Cntents EXECUTIVE SUMMARY...3 OVERVIEW... 3 ABOUT VANTIV EPROTECT... 4 OPERATIONAL FLOW... 5 TECHNICAL ASSESSMENT...6 AUDIENCE... 6 ASSESSMENT SCOPE... 6 MERCHANT PCI DSS COMPLIANCE APPLICABILITY... 7 TECHNICAL SECURITY ASSESSMENT... 7 RECOMMENDED BEST PRACTICES SUMMARY FINDINGS AND CONCLUSIONS U n i t e d S t a t e s C a n a d a L A C U n i t e d K i n g d m E u r p e w w w. c a l f i r e. c m Calfire v

3 P a g e 3 E X E C U T I V E S U M M A R Y Overview As f July 2015, all eligible merchants and service prviders are required t be cmpliant with PCI DSS v3.1, which defines new scping guidelines fr utsurced web payment capture slutins that are nw cnsidered part f Cardhlder Data Envirnment (CDE). As a result, merchants and service prviders must define their respnsibilities in alignment with PCI DSS 3.1 when utsurcing their payment prcessing respnsibilities t validated third parties. Merchants wh utsurce their payment prcessing respnsibilities t PCI DSS-cmpliant third parties may still have t validate applicable security cntrls f their ecmmerce envirnment based n their specific implementatin apprach. Payment brands allw Level 2 1, Level 3, and Level 4 merchants wh d nt electrnically stre, prcess, r transmit cardhlder data n any f their systems r premises t validate their cmpliance using SAQ A r SAQ A-EP. Level 1 merchants wh utsurce their payment prcessing must discuss the validatin requirements with their QSAs, acquirers, r payment brands t cnfirm which applicable cntrls remain. Vantiv engaged Calfire Systems Inc., a respected Payment Card Industry (PCI) Qualified Security Assessr (QSA) cmpany, t cnduct an independent technical review f Vantiv s eprtect slutin (frmally knwn as Vantiv PayPage). Vantiv eprtect prvides card-nt-present data security fr merchants needing t reduce their risk by cmpletely eliminating the presence f cardhlder data frm their systems. Vantiv eprtect ffers multiple integratin appraches, and this technical assessment specifically addresses the Vantiv eprtect iframe integratin methdlgy. Calfire s findings describe hw the use f Vantiv eprtect iframe, implemented in alignment with the eprtect Integratin Guide (v4.5/1.2), will significantly reduce the risk f accunt data cmprmise within a merchant s ecmmerce envirnment, and hw merchants will expect t receive applicable cntrl reductin under PCI DSS v Level 2 merchants that chse t cmplete annual self-assessment questinnaire must ensure staff engaged in self-assessment attend PCI SSC ISA Training and pass assciated accreditatin prgram annually in rder t cntinue ptin f self-assessment fr cmpliance validatin. Alternatively, Level 2 merchants may, at their wn discretin, cmplete an annual nsite assessment cnducted by a PCI SSCapprved Qualified Security Assessr (QSA) rather than cmplete an annual self-assessment questinnaire. MasterCard.cm U n i t e d S t a t e s C a n a d a L A C U n i t e d K i n g d m E u r p e w w w. c a l f i r e. c m Calfire v

4 P a g e 4 Abut Vantiv eprtect Vantiv eprtect is a cmprehensive card-nt-present data security slutin that helps merchants slve initial data capture and cardhlder data strage challenges by eliminating cardhlder data frm their systems, significantly reducing the threat f accunt data cmprmise and PCI applicable cntrls under PCI DSS v3.1. T eliminate capture f cardhlder data n their systems, merchants embed the iframe URL n their web page hsted by Vantiv s servers. Rich custmizatin f the style and layut f the checkut experience allws the merchant s site t lk and feel like the merchant s brand, while eliminating cardhlder data frm their systems. T eliminate pst-authrizatin cardhlder data strage, Vantiv s OmniTken slutin replaces clear cardhlder values with tkens that can be used in place f payment data thrughut merchant systems that virtually eliminate the risk f data theft. The Vantiv eprtect envirnment is validated against PCI DSS (Vantiv ecmmerce/litle & C. Attestatin f Cmpliance) until Dec. 19, 2015). Figure 1: Vantiv eprtect iframe Data Flw U n i t e d S t a t e s C a n a d a L A C U n i t e d K i n g d m E u r p e w w w. c a l f i r e. c m Calfire v

5 P a g e 5 Operatinal Flw 1. When a custmer is ready t enter their cardhlder data int the merchant's web page, the merchant web server delivers a frm t the custmer's web brwser. The brwser lads the iframe hsted by the eprtect server utilizing a third-party Cntent Delivery Netwrk (CDN) prvider t accelerate the cntent delivery. 2. The custmer enters their PAN, ptinal security cde (card verificatin values), and ptinal expiratin date int the iframe fields and clicks the submit buttn n the merchant's page calling the eprtect server. Within the hsted iframe, JavaScript encrypts cardhlder data with a 24-hur public-private key pair knwn nly by Vantiv (RSA/ECB/PKCS1 Padding 2048 bits) and sends the encrypted message t the eprtect server via HTTPS/TLS v1.2* (Getrust Glbal CA, SHA-1 with RSA 2048 bit encryptin) thrugh a third party CDN, using an HTTPS GET request. eprtect returns a nn-sensitive, lw-value tken called a Registratin ID in place f the Primary Accunt Number (PAN). 3. The merchant page submits the Registratin ID and nn-cardhlder data elements t their web server fr rder prcessing. 4. Once the authrizatin request arrives at Vantiv, the Registratin ID is cnverted t a high-value tken called an OmniTken and returned t the merchant with the authrizatin respnse. N cardhlder data is ever transmitted t the merchant s servers, since the page never had access t the payment infrmatin submitted via the Vantiv eprtect iframe. * eprtect supprts TLS v1.0 and higher as it utilizes field-level encryptin with a public-private key pair prir t transmissin, and is nt limited by the TLS prtcl versin t meet applicable cntrl reductin under PCI DSS v3.1. U n i t e d S t a t e s C a n a d a L A C U n i t e d K i n g d m E u r p e w w w. c a l f i r e. c m Calfire v

6 P a g e 6 T E C H N I C A L A S S E S S M E N T As part f the technical assessment, Calfire perfrmed applicatin and vulnerability testing, reviewed technical dcumentatin (including the eprtect Integratin Guide, v4.5/1.2), and interviewed subject matter experts t identify ptential risks t cardhlder data and reductin f applicable PCI DSS cntrls. Audience This technical assessment reprt has tw relevant audiences. I. Merchants, Develpers, and Integratrs: This audience will be able t clearly understand the reductin f applicable PCI DSS cntrls under v3.1 they will receive frm implementing this slutin. II. QSAs and the Internal Audit Cmmunity: This audience will be able t clearly identify the impact n PCI DSS v3.1 validatin n behalf f their merchants. Assessment Sc pe The scpe f Calfire s assessment fcused n the critical elements that validate the security and effectiveness f the Vantiv eprtect iframe slutin, the impact t the merchant s PCI respnsibility when implementing eprtect, and remaining nn-pci required security best practices. Calfire incrprated in-depth analysis f cmpliance fundamentals that are essential fr evaluatin. Calfire als utilized reviews and feedback btained frm members f the PCI cmmunity. Vantiv s eprtect iframe was assessed by Calfire between April 6-18, Calfire perfrmed testing n the iframe slutin via the Vantiv prvided test website: ( The testing fcused n packet captures, data cntained in brwser requests (GET and POST), and web applicatin testing t cnfirm that Vantiv iframe is nt vulnerable t attacks. Calfire cnducted technical remte lab testing in Vantiv labs in Lwell, Mass., encmpassing merchant web pages, integratin, transactin testing, and encryptin in transmissin. U n i t e d S t a t e s C a n a d a L A C U n i t e d K i n g d m E u r p e w w w. c a l f i r e. c m Calfire v

7 P a g e 7 Merchant PC I D S S Cmpliance Applicability Based n analysis and testing, Calfire recmmends that merchant ecmmerce envirnments that d nt electrnically stre, prcess, r transmit cardhlder data n their systems, and prvide an iframe t a PCI DSS cmpliant third-party prcessr fr payment prcessing, will be eligible t validate cmpliance with an SAQ A under PCI DSS v3.1. Discussed belw are tw use-cases when Vantiv iframe is deplyed by merchants. U s e Case I: Level 2 1, Level 3, and Level 4 merchants defined by the payment brands that d nt electrnically stre, prcess, and transmit cardhlder data in their ecmmerce envirnment, and implement eprtect iframe, will be eligible fr SAQ A in alignment with the PCI DSS 3.1 standard. Merchants are required t cnsult their acquirer(s) r payment brands abut individual PCI DSS validatin requirements and their eligibility fr submitting an SAQ. U s e Case II: Level 1 merchants will achieve reductin f applicable PCI cntrls fr their ecmmerce envirnment where cardhlder data is nt electrnically stred, prcessed, r transmitted n systems when eprtect iframe has been implemented t handle all cardhlder data respnsibilities. Eligible merchant envirnments with Vantiv s eprtect iframe can be validated against applicable cntrls t the SAQ A. Technical Security Assessment Calfire evaluated and tested Vantiv s eprtect iframe slutin t determine applicable cntrls fr PCI DSS v3.1. Verificatin f Vantiv eprtect iframe: Calfire simulated transactins that culd ccur n a merchant web page using knwn cardhlder data and fund nn-sensitive plain text-data n the web pages. Encrypted cardhlder data was bserved thrugh the sampled web pages. eprtect utilizes HTTPS TLS v1.2 as per PCI DSS 3.1 fr all cmmunicatins t and frm the eprtect envirnment. Cnfirmed Vantiv eprtect envirnment is PCI DSS validated. (Vantiv ecmmerce Attestatin f Cmpliance (AOC) valid until Dec. 19, 2015). Registratin ID (a nn-sensitive value as defined by the PCI DSS Tkenizatin Standard) in place f the accunt number was returned frm the Vantiv envirnment. eprtect iframe entirely remves expsure and strage f cardhlder data n merchant servers by securely transmitting cardhlder data directly frm the custmer s web brwser t the Vantiv eprtect server, returning nly tkenized data t the merchant envirnment. U n i t e d S t a t e s C a n a d a L A C U n i t e d K i n g d m E u r p e w w w. c a l f i r e. c m Calfire v

8 P a g e 8 Perfrmed web applicatin penetratin test using Burp Suite applicatin scanning tl and cnfirmed that n vulnerabilities related t ecmmerce applicatin exist; hwever, culd be vulnerable t knwn susceptibilities like clickjacking, if merchants d nt handle their initiating web pages in a secure manner. Figure 2: Vantiv eprtect iframe Brwser Request frm a Sample Transactin GET Request t Vantiv eprtect frm merchant envirnment shws thse parameters cntaining PAN and Sensitive Authenticatin Data (CVV/ CVV /CVV2) are encrypted using public private key pair implemented by Vantiv. Figure 3: Vantiv eprtect iframe Request Parameters with Encrypted Data Calfire bserved and analyzed traffic via Wireshark tl and cnfirmed that the transmissin f data ccurs ver TLS v1.2. U n i t e d S t a t e s C a n a d a L A C U n i t e d K i n g d m E u r p e w w w. c a l f i r e. c m Calfire v

9 P a g e 9 Figure 4: Wireshark Transactin Capture Assessment testing used transactins frm Visa and Discver cards. N PAN r Sensitive Authenticatin Data (CVC/CVV/CVV2) was fund unencrypted ver public netwrks. Cardhlder data was captured and transmitted n the Vantiv web pages, and n cardhlder data was returned t the merchant test web pages. Data parameters received n merchant pages included first six and last fur digits f initiating primary accunt number, registratin ID, transactin ID, and ther data elements essential fr perfrming peratins like returns, reversals, card verificatins, refunds, data analytics, and reprting. U n i t e d S t a t e s C a n a d a L A C U n i t e d K i n g d m E u r p e w w w. c a l f i r e. c m Calfire v

10 P a g e 10 Figure 5: POST Request Data frm Vantiv eprtect iframe (N Full Credit Card Number r Sensitive Authenticatin Data Exist) U n i t e d S t a t e s C a n a d a L A C U n i t e d K i n g d m E u r p e w w w. c a l f i r e. c m Calfire v

11 P a g e 11 R E C O M M E N D E D B E S T P R A C T I C E S While merchants that implement Vantiv iframe may nt be required t validate applicable cntrls fr systems that d nt tuch cardhlder data, it is recmmended they review PCI DSS requirements fr elements f their ecmmerce infrastructure since cmprmise f the merchant s web pages culd ptentially result in a cmprmise f the iframe, and failure t implement the slutin in alignment with the eprtect Integratin Guide culd intrduce risk t the envirnment, and merchants may n lnger be eligible fr cntrl reductin. T help mitigate such risks within the merchant envirnment, Calfire and Vantiv recmmend the fllwing additinal security best practices fr merchants that have implemented Vantiv iframe slutin: Reviewing web pages peridically: Review the Vantiv eprtect surce that is called frm the merchant envirnment t validate the fllwing surce has nt changed. (Please nte the belw is URL frm test envirnment, merchants needs t ensure that the URL prvided by Vantiv fr prductin envirnment is apprpriately reviewed.) <script type="text/javascript" src=" </script> Initiating new website and servers, including applicable PCI DSS requirements. Having written agreements with Vantiv (third-party service prvider in this case) and ensuring they prtect cardhlder data n behalf f the merchant, in accrdance with PCI DSS. Securing the web page(s) cntaining the iframe. iframes culd be hijacked by sending custmers t false payment pages where credit card data culd be stlen. Calfire recmmends that merchants deply and maintain the web pages in a secure manner. Ensuring transactins are received by acquirer n regular basis. Recnciliatin f transactins can be perfrmed frequently t knw that surce n merchant website has nt been altered. Using TLS v1.2 r higher when transmitting cardhlder data. Cnsider implementing a web applicatin firewall r ther intrusin-detectin technlgies t ensure web server s initiating requests are prtected against attacks. Develping applicatins in alignment with PCI DSS cmpliance. Regularly mnitring links (URLs, iframes, APIs) frm a merchant s website t the payment prcessr t ensure they have nt been altered t redirect t unauthrized lcatins. Perfrm peridic web applicatin penetratin testing fr the hsted ecmmerce website. U n i t e d S t a t e s C a n a d a L A C U n i t e d K i n g d m E u r p e w w w. c a l f i r e. c m Calfire v

12 P a g e 12 Requirement 9 and 12 f PCI DSS are cvered under SAQ-A. SAQ A-EP fcuses n the fllwing additinal areas: Requirement 1: Install and maintain a firewall cnfiguratin t prtect data (firewall and ruter cnfiguratins hardening). Requirement 2: D nt use vendr-supplied defaults fr system passwrds and ther security parameters (initiating web server cnfiguratins hardening). Requirement 3: Prtect stred cardhlder data (ensure card verificatin values r Persnal Identificatin Number (PIN) is nt stred after authrizatin). Requirement 4: Encrypt transmissin f cardhlder data acrss pen, public netwrks (ensure cardhlder data is transmitted nly thrugh Vantiv, and des nt facilitate transmissin via any ther means). Requirement 5: Prtect all systems against malware and regularly update anti-virus sftware prgrams. Requirement 6: Develp and maintain secure systems and applicatins (have prcess fr identifying security vulnerabilities, patching f systems, change cntrl prcesses, develp applicatins based n secure cding guidelines, and web applicatin firewall). Requirement 7: Restrict access t cardhlder data by business need t knw (access t cardhlder data envirnment systems shuld be limited). Requirement 8: Identify and authenticate access t system cmpnents (assign unique IDs, enable remte access nly when needed, fllw tw-factr and passwrd prcedures). Requirement 10: Track and mnitr all access t netwrk resurces and cardhlder data (mnitr the security f the server and applicatin ensuring that audit trails and alerts are in place - such as detecting and alerting upn unauthrized changes t the payment page). Requirement 11: Regularly test security systems and prcesses (engage an Apprved Scanning Vendr [ASV] t perfrm quarterly external vulnerability scans, and perfrm the penetratin testing and have change detectin mechanism deplyed within the cardhlder data envirnment, especially initiating web server). U n i t e d S t a t e s C a n a d a L A C U n i t e d K i n g d m E u r p e w w w. c a l f i r e. c m Calfire v

13 P a g e 13 S U M M A R Y F I N D I N G S A N D C O N C L U S I O N S Based upn interviews with Vantiv persnnel and review f supprted dcumentatin, it is Calfire s pinin that merchants wh prperly utilize Vantiv data security technlgies will reduce their risk f accunt data cmprmise and receive PCI DSS applicable cntrl reductin. Merchant ecmmerce envirnments that d nt tuch cardhlder data and implement Vantiv s eprtect iframe will be eligible fr SAQ A. The remaining security respnsibilities f the merchant s envirnment are nt applicable t PCI DSS. The fllwing are imprtant highlights f Calfire s technical evaluatin. A prperly designed and deplyed Vantiv iframe slutin can: Reduce the risk f cmprmise f cardhlder data fr a merchant envirnment. Reduce the attack surface and threat envirnment fr a merchant. Significantly reduce the number f applicable PCI DSS cntrls and validatin requirements fr merchants. Minimize the expsure f plain text cardhlder data fr the merchant when Vantiv eprtect is used. While achieving risk and PCI applicable cntrl reductin, implementing Vantiv eprtect des nt fully utsurce the merchant s payment respnsibilities. Vantiv eprtect iframe shuld nt lwer a merchant s sensitivity t the security f their ecmmerce envirnment, nr des it fully utsurce all their PCI DSS cmpliance respnsibilities. L e g a l Discl ai m er The pinins and findings within this evaluatin are slely thse f Calfire and d nt represent any assessment findings, r pinins, frm any ther parties. Calfire is slely respnsible fr the cntents f this dcument as f the date f publicatin. The cntents f this dcument are subject t change at any time based n revisins t the applicable regulatins and standards (HIPAA, PCI-DSS, et.al). Cnsequently, any frward-lking statements are nt predictins and are subject t change withut ntice. While Calfire has endeavred t ensure that the infrmatin cntained in this dcument has been btained frm reliable surces, there may be regulatry, cmpliance, r ther reasns that prevent us frm ding s. Cnsequently, Calfire is nt respnsible fr any errrs r missins, r fr the results btained frm the use f this infrmatin. Calfire reserves the right t revise any r all f this dcument t reflect an accurate representatin f the cntent relative t the current technlgy landscape. In rder t maintain cntextual accuracy f this dcument, all references t this dcument must explicitly reference the entirety f the dcument inclusive f the title and publicatin date; Neither party will publish a press release referring t the ther party r excerpting highlights frm the dcument withut prir written apprval f the ther party. If yu have questins with regard t any legal r cmpliance matters referenced herein, yu shuld cnsult legal cunsel, yur security advisr, and/r yur relevant standard authrity. U n i t e d S t a t e s C a n a d a L A C U n i t e d K i n g d m E u r p e w w w. c a l f i r e. c m Calfire v

PCI - Why You Need to be Compliant When Accepting Credit Card Payments. Agenda. Breaches in the Headlines. Breach Events & Commonalities

PCI - Why You Need to be Compliant When Accepting Credit Card Payments. Agenda. Breaches in the Headlines. Breach Events & Commonalities PCI - Why Yu Need t be Cmpliant When Accepting Credit Card Payments Tuesday, March 27, 2012 Agenda Breach Events & Cmmnalities Evlutin f PCI PCI Requirements Risks f Nn-cmpliance Industry Initiatives t

More information

VCU Payment Card Policy

VCU Payment Card Policy VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this

More information

Process of Setting up a New Merchant Account

Process of Setting up a New Merchant Account Prcess f Setting up a New Merchant Accunt Table f Cntents PCI DSS... 3 Wh t cntact?... 3 Bakcgrund n PCI... 3 Why cmply?... 3 Hw t cmply?... 3 PCI DSS Scpe... 4 Des PCI DSS Apply t Me?... 4 What if I am

More information

BAMS Third Party Service Providers (TPSPs) FAQs

BAMS Third Party Service Providers (TPSPs) FAQs BAMS Third Party Service Prviders (TPSPs) FAQs 1) What is the Third Party Service Prvider (TPSP) Agent Registratin Prgram? The TPSP Agent Registratin Prgram is a Card Brand (Visa USA Inc and MasterCard

More information

GUIDANCE FOR BUSINESS ASSOCIATES

GUIDANCE FOR BUSINESS ASSOCIATES GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.

More information

UNT Payment Card Merchant Handbook

UNT Payment Card Merchant Handbook UNT Payment Card Merchant Handbk University f Nrth Texas January 2014 Vlume 4, Issue 1 STUDENT ACCOUNTING & UNIVERSITY CASHIERING SERVICES Cntents The Purpse f the Handbk...1 General Overview...2 Hw des

More information

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department

More information

HIPAA HITECH ACT Compliance, Review and Training Services

HIPAA HITECH ACT Compliance, Review and Training Services Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical

More information

TrustED Briefing Series:

TrustED Briefing Series: TrustED Briefing Series: Since 2001, TrustCC has prvided IT audits and security assessments t hundreds f financial institutins thrugh ut the United States. Our TrustED Briefing Series are white papers

More information

Optimal Payments Extension. Supporting Documentation for the Extension Package. 20140225 v1.1

Optimal Payments Extension. Supporting Documentation for the Extension Package. 20140225 v1.1 Optimal Payments Extensin Supprting Dcumentatin fr the Extensin Package 20140225 v1.1 Revisin Histry v1.1 Updated Demac Media branding v1.0 Initial Dcument fr Distributin supprt@ptimalpayments.cm Page

More information

Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013

Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013 Versin: Mdified By: Date: Apprved By: Date: 1.0 Michael Hawkins Octber 29, 2013 Dan Bwden Nvember 2013 Rule 4-004J Payment Card Industry (PCI) Patch Management (prpsed) 01.1 Purpse The purpse f the Patch

More information

PROTIVITI FLASH REPORT

PROTIVITI FLASH REPORT PROTIVITI FLASH REPORT The PCI Security Standards Cuncil Releases PCI DSS Versin 3.2 May 9, 2016 On April 28, 2016, the PCI Security Standards Cuncil (PCI SSC) released PCI Data Security Standard (PCI

More information

Bit9 Security Solution Technology Whitepaper Date: September 17, 2015

Bit9 Security Solution Technology Whitepaper Date: September 17, 2015 P a g e 1 Bit9 Security Slutin Technlgy Whitepaper Date: September 17, 2015 Atlanta Bstn Dallas Denver Ls Angeles Manchester (U.K.) New Yrk San Francisc Seattle Washingtn, D.C. 877.224.8077 inf@calfire.cm

More information

Firewall/Proxy Server Settings to Access Hosted Environment. For Access Control Method (also known as access lists and usually used on routers)

Firewall/Proxy Server Settings to Access Hosted Environment. For Access Control Method (also known as access lists and usually used on routers) Firewall/Prxy Server Settings t Access Hsted Envirnment Client firewall settings in mst cases depend n whether the firewall slutin uses a Stateful Inspectin prcess r ne that is cmmnly referred t as an

More information

PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK

PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK Department f Health and Human Services OFFICE OF INSPECTOR GENERAL PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK Inquiries abut this reprt may be addressed t the Office f Public Affairs

More information

expertise hp services valupack consulting description security review service for Linux

expertise hp services valupack consulting description security review service for Linux expertise hp services valupack cnsulting descriptin security review service fr Linux Cpyright services prvided, infrmatin is prtected under cpyright by Hewlett-Packard Cmpany Unpublished Wrk -- ALL RIGHTS

More information

Retail Security and Compliance Where On Earth is it Headed?

Retail Security and Compliance Where On Earth is it Headed? Retail Security and Cmpliance Where On Earth is it Headed? An verview f the retail sectr s IT threats and hw t be mre effective in preventing them. Agenda Intrductin Retail in the news Why cyber security

More information

The user authentication process varies from client to client depending on internal resource capabilities, and client processes and procedures.

The user authentication process varies from client to client depending on internal resource capabilities, and client processes and procedures. Learn Basic Single Sign-On Authenticatin Tale s Basic SSO applicatin grants Learn access t users withut requiring that they enter authenticatin lgin credentials (username and passwrd). The access pint

More information

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus

More information

IT Account and Access Procedure

IT Account and Access Procedure IT Accunt and Access Prcedure Revisin Histry Versin Date Editr Nature f Change 1.0 3/23/06 Kelly Matt Initial Release Table f Cntents 1.0 Overview... 1 2.0 Purpse... 1 3.0 Scpe... 1 4.0 Passwrds... 1 4.1

More information

MaaS360 Cloud Extender

MaaS360 Cloud Extender MaaS360 Clud Extender Installatin Guide Cpyright 2012 Fiberlink Cmmunicatins Crpratin. All rights reserved. Infrmatin in this dcument is subject t change withut ntice. The sftware described in this dcument

More information

iphone Mobile Application Guide Version 2.2.2

iphone Mobile Application Guide Version 2.2.2 iphne Mbile Applicatin Guide Versin 2.2.2 March 26, 2014 Fr the latest update, please visit ur website: www.frte.net/mbile Frte Payment Systems, Inc. 500 West Bethany, Suite 200 Allen, Texas 75013 (800)

More information

IMPLEMENTATION DETAILS

IMPLEMENTATION DETAILS Plicy: Title: Status: 1. Intrductin ISP-I10 Payment Card Security Apprved Infrmatin Security Plicy Dcumentatin IMPLEMENTATION DETAILS 1.1. This dcument supprts implementatin f the "Payment Card Industry

More information

Comtrex Systems Corporation. CISP/PCI Implementation Guidance for Odyssey Suite

Comtrex Systems Corporation. CISP/PCI Implementation Guidance for Odyssey Suite CISP/PCI Implementatin Guidance fr Odyssey Suite Applicable Applicatin Versin This dcument supprts the fllwing applicatin versin: Odyssey Suite Versin 2.0 Intrductin Systems which prcess payment transactins

More information

Information Services Hosting Arrangements

Information Services Hosting Arrangements Infrmatin Services Hsting Arrangements Purpse The purpse f this service is t prvide secure, supprted, and reasnably accessible cmputing envirnments fr departments at DePaul that are in need f server-based

More information

To Receive CPE Credit

To Receive CPE Credit Trends in ACH Fraud & Risk Management Jhn A. Mills, AAP Supervising Cnsultant jmills@bkd.cm 314.231.5544 March 28, 2013 T Receive CPE Credit Participate in entire webinar Answer plls when they are prvided

More information

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337 HIPAA Cmpliance 101 Imprtant Terms Cvered Entities (CAs) The HIPAA Privacy Rule refers t three specific grups as cvered entities, including health plans, healthcare clearinghuses, and health care prviders

More information

A96 CALA Policy on the use of Computers in Accredited Laboratories Revision 1.5 August 4, 2015

A96 CALA Policy on the use of Computers in Accredited Laboratories Revision 1.5 August 4, 2015 A96 CALA Plicy n the use f Cmputers in Accredited Labratries Revisin 1.5 August 4, 2015 A96 CALA Plicy n the use f Cmputers in Accredited Labratries TABLE OF CONTENTS TABLE OF CONTENTS... 1 CALA POLICY

More information

Personal Data Security Breach Management Policy

Personal Data Security Breach Management Policy Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner

More information

Systems Support - Extended

Systems Support - Extended 1 General Overview This is a Service Level Agreement ( SLA ) between and the Enterprise Windws Services t dcument: The technlgy services the Enterprise Windws Services prvides t the custmer. The targets

More information

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM 1. Prgram Adptin The City University f New Yrk (the "University") develped this Identity Theft Preventin Prgram (the "Prgram") pursuant

More information

Customer Service Description

Customer Service Description Page: 1 f 10 Hewlett-Packard Cmpany HP Services Slutin Center Custm Prjects Prgram http://www.hp.cm/hps/ perfrmance & availability sftware services per event supprt & cnsulting Custmer Service Descriptin

More information

Multi-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021

Multi-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021 Multi-Year Accessibility Plicy and Plan fr NSF Canada and NSF Internatinal Strategic Registratins Canada Cmpany, 2014-2021 This 2014-21 accessibility plan utlines the plicies and actins that NSF Canada

More information

PCI Compliance Merchant User Guide

PCI Compliance Merchant User Guide PCI Cmpliance Merchant User Guide Table f Cntents Intrductin... 5 PCI Prgram Overview... 5 PCI10 2.0 Applicatin Tl Overview... 6 Lgin Prcess... 6 Update My Prfile... 7 Frgt Yur Passwrd... 8 Welcme Pages...

More information

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview Security Services Service Descriptin Versin 1.00 Effective Date: 07/01/2012 Purpse This Enterprise Service Descriptin is applicable t Security Services ffered by the MN.IT Services and described in the

More information

IMPLEMENTATION DETAILS

IMPLEMENTATION DETAILS Plicy: Title: Status: 1. Intrductin ISP-I10 Payment Card Security Apprved Infrmatin Security Plicy Dcumentatin IMPLEMENTATION DETAILS 1.1. This dcument supprts implementatin f the "Payment Card Industry

More information

In addition to assisting with the disaster planning process, it is hoped this document will also::

In addition to assisting with the disaster planning process, it is hoped this document will also:: First Step f a Disaster Recver Analysis: Knwing What Yu Have and Hw t Get t it Ntes abut using this dcument: This free tl is ffered as a guide and starting pint. It is des nt cver all pssible business

More information

First Global Data Corp.

First Global Data Corp. First Glbal Data Crp. Privacy Plicy As f February 23, 2015 Ding business with First Glbal Data Crp. ("First Glbal", First Glbal Mney, "we" r "us", which includes First Glbal Data Crp. s subsidiary, First

More information

Durango Merchant Services QuickBooks SyncPay

Durango Merchant Services QuickBooks SyncPay Durang Merchant Services QuickBks SyncPay Gateway Plug-In Dcumentatin April 2011 Durang-Direct.cm 866-415-2636-1 - QuickBks Gateway Plug-In Dcumentatin... - 3 - Installatin... - 3 - Initial Setup... -

More information

SPECIFICATION. Hospital Report Manager Connectivity Requirements. Electronic Medical Records DRAFT. OntarioMD Inc. Date: September 30, 2010

SPECIFICATION. Hospital Report Manager Connectivity Requirements. Electronic Medical Records DRAFT. OntarioMD Inc. Date: September 30, 2010 OntariMD Inc. Electrnic Medical Recrds SPECIFICATION Hspital Reprt Manager Cnnectivity Requirements DRAFT Date: September 30, 2010 Versin: 1.0 2007-2010 OntariMD Inc. All rights reserved HRM EMR Cnnectivity

More information

Using PayPal Website Payments Pro UK with ProductCart

Using PayPal Website Payments Pro UK with ProductCart Using PayPal Website Payments Pr UK with PrductCart Overview... 2 Abut PayPal Website Payments Pr & Express Checkut... 2 What is Website Payments Pr?... 2 Website Payments Pr and Website Payments Standard...

More information

Merchant Processes and Procedures

Merchant Processes and Procedures Merchant Prcesses and Prcedures Table f Cntents EXHIBIT C 1. MERCHANT INTRODUCTION TO T-CHEK 3 1.1 Wh is T-Chek Systems? 3 1.2 Hw t Cntact T-Chek Systems 3 1.3 Hw t Recgnize T-Chek Frms f Payment 3 1.3.1

More information

Junos Pulse Instructions for Windows and Mac OS X

Junos Pulse Instructions for Windows and Mac OS X Juns Pulse Instructins fr Windws and Mac OS X When yu pen the Juns client fr the first time yu get the fllwing screen. This screen shws yu have n cnnectins. Create a new cnnectin by clicking n the + icn.

More information

Using Shift4 with Magento

Using Shift4 with Magento D O L L A R S O N T H E N E T Using Shift4 with Magent Using Shift4 with Magent Cpyright Ntice Shift4 Crpratin 1491 Center Crssing Rad Las Vegas, NV 89144 702.597.2480 www.shift4.cm inf@shift4.cm Dcument

More information

Service Level Agreement (SLA) Hosted Products. Netop Business Solutions A/S

Service Level Agreement (SLA) Hosted Products. Netop Business Solutions A/S Service Level Agreement (SLA) Hsted Prducts Netp Business Slutins A/S Cntents 1 Service Level Agreement... 3 2 Supprt Services... 3 3 Incident Management... 3 3.1 Requesting service r submitting incidents...

More information

Symantec User Authentication Service Level Agreement

Symantec User Authentication Service Level Agreement Symantec User Authenticatin Service Level Agreement Overview and Scpe This Symantec User Authenticatin service level agreement ( SLA ) applies t Symantec User Authenticatin prducts/services, such as Managed

More information

MigrationWiz HIPAA Compliant Migration. Focus on data migration, not regulation. BitTitan Global Headquarters: 3933 Lake Washington Blvd NE Suite 200

MigrationWiz HIPAA Compliant Migration. Focus on data migration, not regulation. BitTitan Global Headquarters: 3933 Lake Washington Blvd NE Suite 200 MigratinWiz HIPAA Cmpliant Migratin Fcus n data migratin, nt regulatin. BitTitan Glbal Headquarters: 3933 Lake Washingtn Blvd NE Suite 200 Table f Cntents Kirkland, WA 98033 www.bittitan.cm sales@bittitan.cm

More information

StarterPak: Dynamics CRM Opportunity To NetSuite Sales Order

StarterPak: Dynamics CRM Opportunity To NetSuite Sales Order StarterPak: Dynamics CRM Opprtunity T NetSuite Sales Order Versin 1.0 7/20/2015 Imprtant Ntice N part f this publicatin may be reprduced, stred in a retrieval system, r transmitted in any frm r by any

More information

IT Help Desk Service Level Expectations Revised: 01/09/2012

IT Help Desk Service Level Expectations Revised: 01/09/2012 IT Help Desk Service Level Expectatins Revised: 01/09/2012 Overview The IT Help Desk team cnsists f six (6) full time emplyees and fifteen (15) part time student emplyees. This team prvides supprt fr 25,000+

More information

Plus500CY Ltd. Statement on Privacy and Cookie Policy

Plus500CY Ltd. Statement on Privacy and Cookie Policy Plus500CY Ltd. Statement n Privacy and Ckie Plicy Statement n Privacy and Ckie Plicy This website is perated by Plus500CY Ltd. ("we, us r ur"). It is ur plicy t respect the cnfidentiality f infrmatin and

More information

FINRA Regulation Filing Application Batch Submissions

FINRA Regulation Filing Application Batch Submissions FINRA Regulatin Filing Applicatin Batch Submissins Cntents Descriptin... 2 Steps fr firms new t batch submissin... 2 Acquiring necessary FINRA accunts... 2 FTP Access t FINRA... 2 FTP Accunt n FINRA s

More information

FCA US INFORMATION & COMMUNICATION TECHNOLOGY MANAGEMENT

FCA US INFORMATION & COMMUNICATION TECHNOLOGY MANAGEMENT EDI ROADMAP FCA US INFORMATION & COMMUNICATION TECHNOLOGY MANAGEMENT FCA US EDI Radmap Business Requirement All FCA suppliers and carriers are required t establish an Electrnic Data Interchange (EDI) cnnectin.

More information

IN-HOUSE OR OUTSOURCED BILLING

IN-HOUSE OR OUTSOURCED BILLING IN-HOUSE OR OUTSOURCED BILLING Medical billing is ne f the mst cmplicated aspects f running a medical practice. With thusands f pssible cdes fr diagnses and prcedures, and multiple payers, the ability

More information

Data Protection Policy & Procedure

Data Protection Policy & Procedure Data Prtectin Plicy & Prcedure Page 1 Prcnnect Marketing Data Prtectin Plicy V1.2 Data prtectin plicy Cntext and verview Key details Plicy prepared by: Adam Haycck Apprved by bard / management n: 01/01/2015

More information

Licensing Windows Server 2012 for use with virtualization technologies

Licensing Windows Server 2012 for use with virtualization technologies Vlume Licensing brief Licensing Windws Server 2012 fr use with virtualizatin technlgies (VMware ESX/ESXi, Micrsft System Center 2012 Virtual Machine Manager, and Parallels Virtuzz) Table f Cntents This

More information

Cloud Services Frequently Asked Questions FAQ

Cloud Services Frequently Asked Questions FAQ Clud Services Frequently Asked Questins FAQ Revisin 1.0 6/05/2015 List f Questins Intrductin What is the Caradigm Intelligence Platfrm (CIP) clud? What experience des Caradigm have hsting prducts like

More information

Data Protection Act Data security breach management

Data Protection Act Data security breach management Data Prtectin Act Data security breach management The seventh data prtectin principle requires that rganisatins prcessing persnal data take apprpriate measures against unauthrised r unlawful prcessing

More information

FINANCIAL SERVICES FLASH REPORT

FINANCIAL SERVICES FLASH REPORT FINANCIAL SERVICES FLASH REPORT Draft Regulatry Cmpliance Management Guideline Released by the Office f the Superintendent f Financial Institutins May 5, 2014 On April 30, 2014, the Office f the Superintendent

More information

HP ValuPack Consulting Description OpenVMS Engineering Change Order (ECO) Patch List

HP ValuPack Consulting Description OpenVMS Engineering Change Order (ECO) Patch List HP ValuPack Cnsulting Descriptin OpenVMS Engineering Change Order (ECO) Patch List HP ValuPacks are standardized cnsulting services, prvided by HP Slutin Center Service Prfessinals, with pre-defined custm

More information

Electronic Data Interchange (EDI) Requirements

Electronic Data Interchange (EDI) Requirements Electrnic Data Interchange (EDI) Requirements 1.0 Overview 1.1 EDI Definitin 1.2 General Infrmatin 1.3 Third Party Prviders 1.4 EDI Purchase Order (850) 1.5 EDI PO Change Request (860) 1.6 Advance Shipment

More information

Implementing SQL Manage Quick Guide

Implementing SQL Manage Quick Guide Implementing SQL Manage Quick Guide The purpse f this dcument is t guide yu thrugh the quick prcess f implementing SQL Manage n SQL Server databases. SQL Manage is a ttal management slutin fr Micrsft SQL

More information

Presentation: The Demise of SAS 70 - What s Next?

Presentation: The Demise of SAS 70 - What s Next? Presentatin: The Demise f SAS 70 - What s Next? September 15, 2011 1 Presenters: Jeffrey Ziplw - Partner BlumShapir Jennifer Gerasimv Senir Manager Delitte. SAS 70 Backgrund and Overview Purpse f a SAS

More information

Office Use Only Account # Approved By:

Office Use Only Account # Approved By: Office Use Only Accunt # Apprved By: Dealer Applicatin Please cmplete and submit this applicatin alng with a cpy f yur (EIN) Federal Tax Id Number certificate befre placing yur 1 st rder. We will review

More information

Support Services. v1.19 / 2015-07-02

Support Services. v1.19 / 2015-07-02 Supprt Services v1.19 / 2015-07-02 Intrductin - Table f Cntents 1 Intrductin... 3 2 Definitins... 4 3 Supprt Prgram Feature Overview... 5 4 SLA fr the Supprt Services... 6 4.1 Standard Supprt... 6 4.2

More information

PCI DSS Cloud Computing Guidelines

PCI DSS Cloud Computing Guidelines Standard: PCI Data Security Standard (PCI DSS) Versin: 2.0 Date: February 2013 Authr: Clud Special Interest Grup PCI Security Standards Cuncil Infrmatin Supplement: PCI DSS Clud Cmputing Guidelines Table

More information

Internal Audit Charter and operating standards

Internal Audit Charter and operating standards Internal Audit Charter and perating standards 2 1 verview This dcument sets ut the basis fr internal audit: (i) the Internal Audit charter, which establishes the framewrk fr Internal Audit; and (ii) hw

More information

PROCESSING THROUGH MPS and AVIMARK

PROCESSING THROUGH MPS and AVIMARK Befre using McAllister Payment Slutins (MPS) as yur pint-f-sale and/r integrated credit card prcess slutin, the McAllister Payment Slutins PA- DSS Implementatin Guide must be reviewed in its entirety.

More information

Intel Hybrid Cloud Management Portal Update FAQ. Audience: Public

Intel Hybrid Cloud Management Portal Update FAQ. Audience: Public Intel Hybrid Clud Management Prtal Update FAQ Audience: Public Purpse: Prepare fr the launch f the Intel Hybrid Clud Platfrm multi-user/multi-tier update Versin: Final FAQs What s new in the Intel Hybrid

More information

HP ValuPack Consulting Description Security Vulnerability Solution ValuPack

HP ValuPack Consulting Description Security Vulnerability Solution ValuPack HP ValuPack Cnsulting Descriptin Security Vulnerability Slutin ValuPack HP ValuPacks are standardized cnsulting services, prvided by HP Cntact Center Service Prfessinals, with pre-defined custm deliverables

More information

Improved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1

Improved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1 Imprved Data Center Pwer Cnsumptin and Streamlining Management in Windws Server 2008 R2 with SP1 Disclaimer The infrmatin cntained in this dcument represents the current view f Micrsft Crpratin n the issues

More information

HP ValuPack Consulting Description Red Hat Linux System Performance Monitoring & Tuning

HP ValuPack Consulting Description Red Hat Linux System Performance Monitoring & Tuning HP ValuPack Cnsulting Descriptin Red Hat Linux System Perfrmance Mnitring & Tuning HP ValuPacks are standardized cnsulting services, prvided by HP Slutin Center Service Prfessinals, with pre-defined custm

More information

Bill Payment Agreement & Disclosures

Bill Payment Agreement & Disclosures Bill Payment Agreement & Disclsures Welcme t Online Banking Bill Payment Service. Use f the Bill Payment Service indicates acceptance f terms and cnditins set frth in the Online Banking Agreement & Disclsures

More information

Dates Visa MasterCard Discover American Express. Acquirers, subprocessors. support EMV International ATM liability shift 2

Dates Visa MasterCard Discover American Express. Acquirers, subprocessors. support EMV International ATM liability shift 2 Netwrk Updates Summer 2015 We are cmmitted t wrking clsely with yu n achieving yur business gals. As a part f this cmmitment, we carefully mnitr Netwrk changes and summarize them fr yur cnvenience. Fllwing

More information

Nuance Healthcare Services Project Delivery Methodology

Nuance Healthcare Services Project Delivery Methodology NUANCE PROFESSIONAL SERVICES Nuance Healthcare Services 2008 Nuance Cmmunicatins, Inc. All rights reserved. Nuance Healthcare Services 1 INTRODUCTION This dcument describes the prject management methdlgy

More information

HP ValuPack Consulting Description OpenVMS Replacement Software Distribution Kit

HP ValuPack Consulting Description OpenVMS Replacement Software Distribution Kit HP ValuPack Cnsulting Descriptin OpenVMS Replacement Sftware Distributin Kit HP ValuPacks are standardized cnsulting services, prvided by HP Cntact Center Service prfessinals, with pre-defined custm deliverables

More information

9 ITS Standards Specification Catalog and Testing Framework

9 ITS Standards Specification Catalog and Testing Framework New Yrk State ITS Standards Specificatin Develpment Guide 9 ITS Standards Specificatin Catalg and Testing Framewrk This chapter cvers cncepts related t develpment f an ITS Standards Specificatin Catalg

More information

Payment Card Industry (PCI) Qualified Integrators and Resellers

Payment Card Industry (PCI) Qualified Integrators and Resellers Payment Card Industry (PCI) Qualified Integratrs and Resellers Prgram Guide Versin 3.0 September 2015 Dcument Changes Date Versin Descriptin August 2012 1.0 Initial release f the PCI Qualified Integratrs

More information

Using McAllister Payment Solutions and Updating to AVImark version 2009.0.0.7263

Using McAllister Payment Solutions and Updating to AVImark version 2009.0.0.7263 Using McAllister Payment Slutins and Updating t AVImark versin 2009.0.0.7263 Befre the cnfiguratin f McAllister Payment Slutins (MPS) and AVImark, the McAllister Payment Slutins PA-DSS Implementatin Guide

More information

HP Point of Sale FAQ Warranty, Care Pack Service & Support. Limited warranty... 2 HP Care Pack Services... 3 Support... 3

HP Point of Sale FAQ Warranty, Care Pack Service & Support. Limited warranty... 2 HP Care Pack Services... 3 Support... 3 HP Pint f Sale FAQ Warranty, Care Pack Service & Supprt Limited warranty... 2 HP Care Pack Services... 3 Supprt... 3 Limited warranty Q: What des a 3/3/3 limited warranty mean? A: HP Retail Pint f Sale

More information

Access to the Ashworth College Online Library service is free and provided upon enrollment. To access ProQuest:

Access to the Ashworth College Online Library service is free and provided upon enrollment. To access ProQuest: PrQuest Accessing PrQuest Access t the Ashwrth Cllege Online Library service is free and prvided upn enrllment. T access PrQuest: 1. G t http://www.ashwrthcllege.edu/student/resurces/enterlibrary.html

More information

ISO Management Systems. Guidance on understanding the benefits of an ISO Management System

ISO Management Systems. Guidance on understanding the benefits of an ISO Management System ISO Management Systems Guidance n understanding the benefits f an ISO Management System Welcme & Intrductins 4031 University Drive, 206, Fairfax, VA 22030 3 Grant Square, 243, Hinsdale, IL 60521 www.radiancmpliance.cm

More information

Agency Fund (Non-Student Org X-Fund) Guidelines Last Revision: 12/7/2009

Agency Fund (Non-Student Org X-Fund) Guidelines Last Revision: 12/7/2009 Agency Fund (Nn-Student Org X-Fund) Guidelines Last Revisin: 12/7/2009 Definitin f Agency Fund: An Agency Fund cnsists f funds held by Eastern Michigan University as custdian r fiscal agent fr thers, such

More information

Installation Guide Marshal Reporting Console

Installation Guide Marshal Reporting Console Installatin Guide Installatin Guide Marshal Reprting Cnsle Cntents Intrductin 2 Supprted Installatin Types 2 Hardware Prerequisites 2 Sftware Prerequisites 3 Installatin Prcedures 3 Appendix: Enabling

More information

Licensing Windows Server 2012 R2 for use with virtualization technologies

Licensing Windows Server 2012 R2 for use with virtualization technologies Vlume Licensing brief Licensing Windws Server 2012 R2 fr use with virtualizatin technlgies (VMware ESX/ESXi, Micrsft System Center 2012 R2 Virtual Machine Manager, and Parallels Virtuzz) Table f Cntents

More information

CSC IT practix Recommendations

CSC IT practix Recommendations CSC IT practix Recmmendatins CSC Healthcare 28th January 2014 Versin 3 www.csc.cm/glbalhealthcare Cntents 1 Imprtant infrmatin 3 2 IT Specificatins 4 2.1 Wrkstatins... 4 2.2 Minimum Server with 1-5 wrkstatins

More information

FORM ADV (Paper Version) UNIFORM APPLICATION FOR INVESTMENT ADVISER REGISTRATION AND REPORT FORM BY EXEMPT REPORTING ADVISERS

FORM ADV (Paper Version) UNIFORM APPLICATION FOR INVESTMENT ADVISER REGISTRATION AND REPORT FORM BY EXEMPT REPORTING ADVISERS APPENDIX A FORM ADV (Paper Versin) UNIFORM APPLICATION FOR INVESTMENT ADVISER REGISTRATION AND REPORT FORM BY EXEMPT REPORTING ADVISERS Frm ADV: General Instructins Read these instructins carefully befre

More information

SaaS Listing CA Cloud Service Management

SaaS Listing CA Cloud Service Management SaaS Listing CA Clud Service Management 1. Intrductin This dcument prvides standards and features that apply t the CA Clud Service Management (CSM) SaaS ffering prvided t the Custmer and defines the parameters

More information

An Introduction To Credit Card Processing

An Introduction To Credit Card Processing An Intrductin T Credit Card Prcessing Davisware 514 Market Lp West Dundee, IL 60118 Phne: (847) 426-6000 Fax: (847) 426-6027 Cntents are the exclusive prperty f Davisware. Cpyright 2011. All Rights Reserved.

More information

WEB APPLICATION SECURITY TESTING

WEB APPLICATION SECURITY TESTING WEB APPLICATION SECURITY TESTING Cpyright 2012 ps_testware 1/7 Intrductin Nwadays every rganizatin faces the threat f attacks n web applicatins. Research shws that mre than half f all data breaches are

More information

ScaleIO Security Configuration Guide

ScaleIO Security Configuration Guide ScaleIO Security Cnfiguratin Guide 1 Intrductin This sectin prvides an verview f the settings available in ScaleIO t ensure secure peratin f the prduct: Security settings are divided int the fllwing categries:

More information

Service Request Form

Service Request Form New Prfessinal Services Order Frm Editable PDF Service Request Frm If yu have any questins while filling ut this frm, please cntact yur CDM, email Prfessinal Services at PS@swipeclck.cm, r call 888-223-3250

More information

Christchurch Polytechnic Institute of Technology Access Control Security Standard

Christchurch Polytechnic Institute of Technology Access Control Security Standard CPIT Crprate Services Divisin: ICT Christchurch Plytechnic Institute f Technlgy Access Cntrl Security Standard Crprate Plicies & Prcedures Sectin 1: General Administratin Dcument CPP121a Principles Infrmatin

More information

Introduction LIVE MAPS UNITY PORTAL / INSTALLATION GUIDE. 2015 Savision B.V. savision.com All rights reserved.

Introduction LIVE MAPS UNITY PORTAL / INSTALLATION GUIDE. 2015 Savision B.V. savision.com All rights reserved. Rev 7.5.0 Intrductin 2 LIVE MAPS UNITY PORTAL / INSTALLATION GUIDE 2015 Savisin B.V. savisin.cm All rights reserved. This manual, as well as the sftware described in it, is furnished under license and

More information

FAYETTEVILLE STATE UNIVERSITY

FAYETTEVILLE STATE UNIVERSITY FAYETTEVILLE STATE UNIVERSITY IDENTITY THEFT PREVENTION (RED FLAGS RULE) Authrity: Categry: Issued by the Fayetteville State University Bard f Trustees. University-Wide Applies t: Administratrs Faculty

More information

Using PayPal Website Payments Pro with ProductCart

Using PayPal Website Payments Pro with ProductCart Using PayPal Website Payments Pr with PrductCart Overview... 2 Abut PayPal Website Payments Pr & Express Checkut... 3 What is Website Payments Pr?... 3 Website Payments Pr and Website Payments Standard...

More information

GETTING STARTED With the Control Panel Table of Contents

GETTING STARTED With the Control Panel Table of Contents With the Cntrl Panel Table f Cntents Cntrl Panel Desktp... 2 Left Menu... 3 Infrmatin... 3 Plan Change... 3 Dmains... 3 Statistics... 4 Ttal Traffic... 4 Disk Quta... 4 Quick Access Desktp... 4 MAIN...

More information

Introduction to Mindjet MindManager Server

Introduction to Mindjet MindManager Server Intrductin t Mindjet MindManager Server Mindjet Crpratin Tll Free: 877-Mindjet 1160 Battery Street East San Francisc CA 94111 USA Phne: 415-229-4200 Fax: 415-229-4201 mindjet.cm 2013 Mindjet. All Rights

More information

Session 9 : Information Security and Risk

Session 9 : Information Security and Risk INFORMATION STRATEGY Sessin 9 : Infrmatin Security and Risk Tharaka Tennekn B.Sc (Hns) Cmputing, MBA (PIM - USJ) POST GRADUATE DIPLOMA IN BUSINESS AND FINANCE 2014 Infrmatin Management Framewrk 2 Infrmatin

More information

Learning Central Business Portal Best Practices Guide

Learning Central Business Portal Best Practices Guide Learning Central Business Prtal Best Practices Guide Practices Guide Objective: This dcument prvides Micrsft Sftware Assurance Benefit Administratrs with best practices fr implementing E- Learning thrugh

More information