[BESAdmin-Announcements] SCM Content UPDATE: Payment Card Industry Data Security Standard (PCI DSS) Checklists

[Announcements for BES Administrators]

IBM BigFix Compliance PCI Add-on
Security Configuration Management (SCM)


The IBM BigFix Compliance team has updated the content for various Payment
Card Industry Data Security Standard (PCI DSS) checklists to enhance
usability and improve customer experience.



Updated Sites:
PCI DSS Checklist for MS IIS, version 4
PCI DSS Checklist for MS SQL 2008, version 5
PCI DSS Checklist for MS SQL 2012, version 6
PCI DSS Checklist for RHEL 5, version 2
PCI DSS Checklist for RHEL 6, version 4
PCI DSS Checklist for RHEL 7, version 3
PCI DSS Checklist for Windows 2008, version 5
PCI DSS Checklist for Windows 2012, version 6
PCI DSS Checklist for Windows Embedded POSReady 2009, version 3

*Site versions are provided for air-gap customers.



Changelist:

      Supplemental reports based on the PCI DSS Requirements and Milestones
      Reporting are made available. BigFix provides an installation task to
      enable the additional reports by using custom sites. The installer is
      available in the PCI DSS Checklist for Windows 2012 and PCI DSS
      Checklist for RHEL 6 sites.

      Some titles and descriptions were updated with the standardized
      format and extensions.

      Fixlet metadata were updated to contain unique identifiers to improve
      synchronization between external and custom sites. Note: You must
      create a new custom checklist and import the latest content from the
      external site to the custom site.

      Fixlets were updated to support Unicode character, which enables
      consistent encoding, representation, and handling of text across
      systems and settings of local pages.



Actions to Take:

      If you use custom sites, ensure that you use the updated content in
      your custom sites. Delete the old custom checklist and create a new
      one with the updated content from the external sites.

      To access the PCI DSS Requirements and Milestones Reporting, you must
      complete the installation steps described in BigFix Compliance Add-on
      Requirements and Milestones Reporting Guide.

      If you have not subscribed to any of the sites above, you can use the
      License Overview dashboard to enable and gather the sites. Note that
      you must be entitled to the new content and you are using IBM BigFix
      version 9.0 and later.

      If you were involved in the Early Access Program for IBM BigFix
      Compliance PCI Add-on, unsubscribe from the beta sites to avoid any
      conflicting issues with the production sites. If you do not
      unsubscribe from the beta sites, the content in the production sites
      will fail.


Documentation Resources:
To know more about IBM BigFix Compliance PCI Add-on, see the IBM BigFix
Compliance PCI Add-on User's Guide.

For detailed information about the supplemental reports based on the PCI
DSS Requirements and Milestones, see BigFix Compliance Add-on Requirements
and Milestones Reporting Guide from the IBM BigFix devWorks wiki.


We hope you find this latest release of SCM content useful and effective.
Thank you!



 -- The IBM BigFix Compliance team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20160325/760a20ef/attachment.html>