[BESAdmin-Announcements] SCM Content UPDATE: PCI DSS Checklist for Windows 2008

Announcements for BES Administrators besadmin-announcements at bigmail.bigfix.com
Tue May 31 08:28:49 PDT 2016 

IBM BigFix Compliance PCI Add-on
Security Configuration Management (SCM)

The IBM BigFix Compliance team has updated the content for the Payment 
Card Industry Data Security Standard (PCI DSS) checklist for Windows 2008. 
See details below.

Updated Site:
PCI DSS Checklist for Windows 2008, version 6

*The site version is provided for air-gap customers.

Changelist:
·       The checks “Verify that Administrator account on the system is set 
to Disabled” (pcidss-2.1.b.3) and “Verify that Guest account on the system 
is set to Disabled” (pcidss-2.1.b.4) are updated to resolve APAR IV85006 - 
Long Evaluation Cycle Time.
·       The check named “Verify that "Interactive Logon: Do not require 
CTRL+ALT+DEL" is set to Disabled” (pcidss-8.2_0.5) is updated due to the 
incorrect desired value.
·       The check named “Verify that "Audit Policy: DS Access: Directory 
Service Changes" for Enterprise Domain Controller is set to Success” 
(pcidss-10.2.2_6.1) is removed because Domain Controller is not supported.
·       The source ID for the following checks are renumbered:
o       Verify that "Local Policy: Debug programs" is set to 
Administrators
Source ID pcidss-7.2.3_5 is updated to pcidss-7.2.2_59.
o       Verify that "Local Policy: Deny log on locally" is set to Guests
Source ID pcidss-7.2.3_6 is updated to pcidss-7.2.2_60. 
Actions to Take:
·       If you use custom sites, update your custom sites accordingly to 
use the latest content. You can synchronize your content by using the 
Synchronize Custom Checks wizard. For more information, see 
https://ibm.biz/Bd4LBt.
·       If you have not subscribed to the site above, you can use the 
License Overview dashboard to enable and gather the sites. Note that you 
must be entitled to the new content and you are using IBM BigFix version 
9.0 and later.
·       If you were involved in the Early Access Program for IBM BigFix 
Compliance PCI Add-on, unsubscribe from the beta sites to avoid any 
conflicting issues with the production sites. If you do not unsubscribe 
from the beta sites, the content in the production sites will fail.

Documentation Resources:
To know more about IBM BigFix Compliance PCI Add-on, see the IBM BigFix 
Compliance PCI Add-on User's Guide. 

We hope you find this latest release of SCM content useful and effective. 
Thank you!

 -- The IBM BigFix Compliance team


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20160531/883b060a/attachment.html>

More information about the Besadmin-announcements mailing list