Skip to navigation content (Press Enter).

PCI C-VT Host Security Standard

The following standard details the minimum requirements that must be adhered to when installing and configuring a host system for C-VT (virtual terminal) credit card transaction processing to maintain PCI compliance.

Scope

This standard applies to any computer system that is used to access a virtual terminal for the purposes of credit card transaction processing.

Standard for deploying secure and PCI compliant C-VT hosts

PCI Compliant C-VT hosts must comply with the guidelines for deploying secure servers.  Additionally:

Enable physical controls...

  • Physical access to C-VT host should be restricted

Enable and maintain local technical controls...

  • Uninstall software and disable services and hardware that are not required by the host
    • Kioware Kiosk software must be installed and configured appropriately
    • USB ports must be disabled
    • File and Print Sharing must be disabled
    • Wireless networking must be disabled
    • Power Management must be configured appropriately
  • Configure the host to automatically install security updates and/or patches:
  • Install, maintain and use anti-virus and/or anti-malware software:
    • Trend Micro Officescan Client must be installed and configured appropriately
  • Enable, configure and monitor host firewall, host-based IPS and/or local access control lists such as .htaccess file. 
    • Settings must allow only:
      • Outbound http/https
      • Outbound UDP 514 to IT Security syslog host
      • Windows Update
      • Trend Micro AV Update
  • Collect, maintain and review system audit logs regularly
    • Event Log Forwarder must be installed and configured appropriately

Control remote access...

  • Remote access should be granted using the principle of least privilege and authority*
    • Remote Desktop access must be disabled

Control network access...

  • Network access should be granted using the principle of least privilege and authority*
    • IP Address must be configured statically

Service Bulletins

Citrix Receiver Client Update

UTS asks Citrix users to upgrade Citrix Receiver Client to the most current version by February 28, 2017. See UTS Citrix website for installation and removal information.


Mosaic Upgraded Interface

Service Desk

Client Self Service:
https://servicedesk.mcmaster.ca
Hours: Monday - Friday
8:30 am - 4:30 pm
Phone: 905-525-9140 x24357 (2HELP)
Email: uts@mcmaster.ca
Location: Main Campus BSB Rm. 245
Service Catalogue:
http://www.mcmaster.ca/uts
-->

Great Idea Site

Great Idea