Internal Network Scans?

This forum is dedicated to answering AbleCommerce 7.0 questions about PCI certification and compliance.
Post Reply
sweeperq
Commodore (COMO)
Commodore (COMO)
Posts: 497
Joined: Tue Jan 03, 2006 2:45 pm

Internal Network Scans?

Post by sweeperq » Tue Nov 23, 2010 11:17 am

What is everyone using for your internal network scans? We use McAfee Secure for our ecommerce site, and the bank makes us use Trustwave for the quarterly web scans, but we don't yet have a solution for the internal network scans. We need to do the internal network scans because we take phone orders and enter them into AC7 through our work computers. Any computer that touches the credit card # is subject to PCI requirements. I think Trustwave has an internal security appliance, but I'm guessing it costs a heck of a lot more than the "non-compliance" fee the bank charges. So I'm curious what others are using?

Anybody from AbleCommerce have suggestions? You've gone through PCI Certification so you know how strict the requirements are. How do you handle the people that order with credit card over the phone and remain in compliance?

Post Reply