[BESAdmin-Announcements] IBM BigFix Compliance PCI Add-on: Updated PCI DSS Checklists for Windows 7, Windows Embedded Standard 7, and Windows Embedded POSReady 7 published 2017-01-18
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Wed Jan 18 08:25:10 PST 2017
Product:
IBM BigFix Compliance PCI Add-on
Title:
Updated the PCI DSS Checklists for various Windows 7 sites with improved
data presentation
Category:
Updated PCI DSS checklist
Published Benchmark:
Payment Card Industry Data Security Standard v3.2
Details:
The IBM BigFix Compliance PCI Add-on team has updated the content of the
PCI DSS checklist for Windows 7, Windows Embedded Standard 7, and Windows
Embedded POSReady 7 to improve the data presentation. Details are as
follows:
The measured values for some checks, which can be viewed in the BigFix
console, analyses, and SCA reports, are formatted for enhanced
readability. The results now clearly present the desired system
configuration setting, as specified by a check, against the actual setting
on the endpoint.
Some titles and descriptions of the checks are updated with the
standardized format and extensions.
The check Verify that "Change the system time" is set to 'Administrators,
LOCAL SERVICE' (pcidss-10.4.2.a_3) is added to each site.
The check Verify that "Enforce Password History" is set to 5 or more
(pcidss-8.2.5.a) is updated to resolve APAR IV91721. The new check name,
Verify that "Enforce Password History" is set to 4 or more, reflects the
change.
The following PCI DSS Policies are refreshed with the latest checklist
content for the listed sites:
PCI DSS Checklists
PCI DSS Milestones View
PCI DSS Requirements View
Published Sites:
PCI DSS Checklist for Windows 7, version 7
PCI DSS Checklist for Windows Embedded Standard 7, version 4
PCI DSS Checklist for Windows Embedded POSReady 7, version 6
PCI DSS Reporting, version 2
*The site version is provided for air-gap customers
Actions to Take:
Run an import in BigFix Compliance Analytics (formerly known as SCA) to
see the latest results.
If you use custom sites, update your custom sites accordingly to use the
latest content. You can synchronize your content by using the Synchronize
Custom Checks wizard. For more information, see https://ibm.biz/Bd4LBt.
If you have not subscribed to the sites above, you can use the License
Overview dashboard to enable and gather the sites. Note that you must be
entitled to the new content and you are using IBM BigFix version 9.2 and
later.
If you were involved in the Beta / Early Access Program for IBM BigFix
Compliance PCI Add-on, unsubscribe from the beta sites to avoid any
conflicting issues with the production sites. If you do not unsubscribe
from the beta sites, the content in the production sites will fail.
More information:
To know more information about the IBM BigFix Compliance PCI DSS
checklists, see:
IBM BigFix Compliance PCI Add-on User's Guide in Knowledge Center:
https://ibm.biz/BdrWCq
IBM BigFix Wiki: https://ibm.biz/BdrBtk
Release Announcements in the IBM BigFix Forum: https://ibm.biz/Bdsspw
We hope you find this latest release of PCI DSS content useful and
effective.
Thank you!
-- The IBM BigFix Compliance PCI Add-on team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20170119/f6fe68e9/attachment.html>
More information about the Besadmin-announcements
mailing list