[BESAdmin-Announcements] IBM BigFix Compliance PCI Add-on: Updated PCI DSS Checklist for Windows 2008 published 2016-09-14
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Wed Sep 14 03:44:43 PDT 2016
Product:
IBM BigFix Compliance PCI Add-on
Title:
Updated PCI DSS Checklist for Windows 2008 with improved data presentation
Category:
Updated PCI DSS Checklist
Published Benchmark:
Payment Card Industry Data Security Standard v3.2
Details:
The IBM BigFix Compliance PCI Add-on team has updated the content of the
PCI DSS checklist for Windows 2008 to improve the data presentation.
Details are as follows:
The measured values for each check, which can be viewed in the BigFix
console, analyses, and SCA reports are formatted for enhanced readability.
The results now clearly present the desired system configuration setting,
as specified by a check, against the actual setting on the endpoint.
Some titles and descriptions of the checks are updated with the
standardized format and extensions.
The PCI DSS checklist for Windows 2008 also contains the following
additional checks:
Verify that "User Account Control: Behavior of the elevation prompt for
administrators in Admin Approval Mode" on Windows 2008 R2 is set to
'prompt for credentials on the secure desktop' (pcidss-7.2.2_43.3)
Verify that "Bypass traverse checking" on Windows 2008 is set to
'Authenticated Users, Network Service, Local Service, Administrators,
Backup Operators' (pcidss-7.2.2_6.3)
Verify that "Change the system time" is set to 'Administrators, Local
Service' (pcidss-10.4.2.a_3)
Published Site:
PCI DSS Checklist for Windows 2008, version 9
*The site version is provided for air-gap customers.
Actions to Take:
If you use custom sites, update your custom sites accordingly to use the
latest content. You can synchronize your content by using the Synchronize
Custom Checks wizard. For more information, see https://ibm.biz/Bd4LBt.
If you have not subscribed to the site above, you can use the License
Overview dashboard to enable and gather the sites. Note that you must be
entitled to the new content and you are using IBM BigFix version 9.2 and
later.
If you were involved in the Beta / Early Access Program for IBM BigFix
Compliance PCI Add-on, unsubscribe from the beta sites to avoid any
conflicting issues with the production sites. If you do not unsubscribe
from the beta sites, the content in the production sites will fail.
More information:
To know more information about the IBM BigFix Compliance PCI DSS
checklists, see:
IBM BigFix Compliance PCI Add-on User's Guide in the BigFix developerWorks
wiki: https://ibm.biz/BdrBtk
SCM Checklist Deployment: https://ibm.biz/BdrBtU
IBM Blog for Checklist Release Announcement: https://ibm.biz/BdrBt5
BigFix forums: https://forum.bigfix.com/
We hope you find this latest release of PCI DSS content useful and
effective. Thank you!
-- The IBM BigFix Compliance PCI Add-on team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20160914/af104811/attachment.html>
More information about the Besadmin-announcements
mailing list