Difference between revisions of "PCI Compliance"

From Hostek.com Wiki
Edit summary: (Common PCI Compliance Resolutions)

The diff begins at line 11 of both revisions. Text removed from the previous revision (the manual Regedit procedure):

==Common PCI Compliance Resolutions==
===Disable SSLv2===

'''NOTE: Editing the Registry can be dangerous. Only do this if you know what you are doing. Otherwise, submit a support ticket and we can do this for you.'''

Follow these steps:
#Open '''Regedit''' (Start, Run, RegEdit)
#Browse to '''HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0'''
##If there is a Server key (it looks like a folder), go to the next main step
###Look for a DWORD entry named Enabled and make sure it has a value of 0 (stop now... you are finished)
##If there is NOT a Server key, right-click the SSL 2.0 key, click New > Key and name the new key Server
#Right-click the Server key, choose New > DWORD Value, name the new value Enabled and set its data to 0

[[Category:Infrastructure]]

Text added by this revision (the wiki source of the section that replaces the manual steps with downloadable .reg files; it is rendered under "Revision as of 15:59, 22 August 2012" below):

==Common PCI Compliance Resolutions==
===Disable SSLv2 & Strong Cyphers Only & Strong Protocols Only===

If you are on a shared server, please open a support ticket and attach the PCI scan report.

For VPS's:  This generally applies to a Windows based server.  If you see one of these items on your PCI scan report, download this zip [http://hostek.com/wikifiles/disablessl2-strongcyphersonly-strongprotocolsonly.zip] and extract the appropriate .reg file and put that on your VPS and double click it to make the appropriate registry change to fix the issue.  Generally if one of these show on your report, we suggest running all three .reg files to fully take care of the issue at one time.

[[Category:Infrastructure]]
[[Category:VPS]]

Revision as of 15:59, 22 August 2012



PCI DSS requires quarterly external vulnerability scans from a PCI Approved Scanning Vendor (ASV). Hostek.com goes beyond this requirement by having regular scans from two different PCI compliance vendors: one vendor scans quarterly, the other nightly. This ensures that potential PCI compliance issues are identified accurately and dealt with promptly.


Datacenter

The data center where the hostek.com equipment is housed maintains SSAE 16 Certification (audit report). This replaced the SAS 70 Type 2 Certification.

Common PCI Compliance Resolutions

Disable SSLv2 & Strong Ciphers Only & Strong Protocols Only

If you are on a shared server, please open a support ticket and attach the PCI scan report.

For VPSs: this generally applies to a Windows-based server. If you see one of these items on your PCI scan report, download this zip (http://hostek.com/wikifiles/disablessl2-strongcyphersonly-strongprotocolsonly.zip), extract the appropriate .reg file, copy it to your VPS and double-click it to make the registry change that fixes the issue. If one of these shows on your report, we suggest running all three .reg files so the whole issue is taken care of at one time. The changes are made under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL and only take effect after the server is rebooted, so reboot before requesting a re-scan.
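The .reg files above and the earlier manual Regedit steps both set DWORD values under the SCHANNEL registry key. The following PowerShell script is an added example, not code from the Hostek page or from its .reg files: it applies the same kind of settings (the page's SSL 2.0 Server Enabled = 0, plus DisabledByDefault and a set of weak ciphers) and then reads them back so the fix can be verified before a re-scan. The protocol and cipher lists ($WeakProtocols, $WeakCiphers) are assumptions, since the page does not say what its three .reg files contain; the function names are this example's own.

```powershell
# Added example, not part of the Hostek page or of its .reg files: apply the
# SCHANNEL registry settings that PCI scan findings for SSLv2, weak ciphers and
# weak protocols map to, then read them back so the fix can be confirmed before
# the next scan. Run in an elevated PowerShell session on the Windows VPS.
# SCHANNEL reads these keys at boot, so reboot before re-scanning.
#
# The .NET Registry class is used instead of New-Item/Set-ItemProperty because
# cipher key names such as "RC4 40/128" contain a slash, which the PowerShell
# registry provider would treat as a path separator and split into two keys.

$SchannelBase = 'SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL'

# Assumption: the page does not list what its .reg files disable; these are
# the protocol and cipher entries PCI scanners commonly flag on Windows.
$WeakProtocols = @('PCT 1.0', 'SSL 2.0', 'SSL 3.0')
$WeakCiphers   = @('NULL', 'DES 56/56', 'RC2 40/128', 'RC2 56/128',
                   'RC4 40/128', 'RC4 56/128', 'RC4 64/128')

function Set-SchannelDword {
    param(
        [Parameter(Mandatory)][string]$SubKey,  # path below $SchannelBase
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][int]$Value
    )
    # CreateSubKey opens the key writable and creates any missing parents.
    $key = [Microsoft.Win32.Registry]::LocalMachine.CreateSubKey("$SchannelBase\$SubKey")
    try {
        $key.SetValue($Name, $Value, [Microsoft.Win32.RegistryValueKind]::DWord)
    } finally {
        $key.Close()
    }
}

function Get-SchannelDword {
    param(
        [Parameter(Mandatory)][string]$SubKey,
        [Parameter(Mandatory)][string]$Name
    )
    $key = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey("$SchannelBase\$SubKey")
    if ($null -eq $key) { return $null }   # key absent: the OS default applies
    try { return $key.GetValue($Name) } finally { $key.Close() }
}

function Disable-WeakSchannelSettings {
    foreach ($proto in $WeakProtocols) {
        foreach ($side in 'Server', 'Client') {
            # Enabled=0 is what the page's manual steps set for SSL 2.0\Server;
            # DisabledByDefault=1 also stops callers that ask for the protocol explicitly.
            Set-SchannelDword -SubKey "Protocols\$proto\$side" -Name 'Enabled' -Value 0
            Set-SchannelDword -SubKey "Protocols\$proto\$side" -Name 'DisabledByDefault' -Value 1
        }
    }
    foreach ($cipher in $WeakCiphers) {
        Set-SchannelDword -SubKey "Ciphers\$cipher" -Name 'Enabled' -Value 0
    }
}

function Get-WeakSchannelFindings {
    # Returns one line per setting a scanner would still flag; no lines means done.
    # An absent value counts as a finding, because the default for these is "enabled".
    $findings = @()
    foreach ($proto in $WeakProtocols) {
        $v = Get-SchannelDword -SubKey "Protocols\$proto\Server" -Name 'Enabled'
        if ($v -ne 0) { $findings += "$proto server side: Enabled=$v (expected 0)" }
    }
    foreach ($cipher in $WeakCiphers) {
        $v = Get-SchannelDword -SubKey "Ciphers\$cipher" -Name 'Enabled'
        if ($v -ne 0) { $findings += "cipher ${cipher}: Enabled=$v (expected 0)" }
    }
    return $findings
}

Disable-WeakSchannelSettings
$remaining = Get-WeakSchannelFindings
if ($remaining.Count -eq 0) {
    Write-Output 'Weak SCHANNEL protocols and ciphers are disabled; reboot, then re-run the PCI scan.'
} else {
    $remaining | ForEach-Object { Write-Output "STILL ENABLED: $_" }
}
```

Running only Get-WeakSchannelFindings (without the Disable call) is a useful pre-check after applying the .reg files: any line it prints is something the next scan will still report, and a missing value is reported as a finding rather than silently treated as disabled.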