Announcement

Collapse
No announcement yet.

Security Metrics - Latest Change of Scan Failure Causes

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Security Metrics - Latest Change of Scan Failure Causes

    Hi

    We run several adult webshops and are now finding that Security Metrics are failing ours sites at level 4 - Non-Compliant because they feature the word "erotic" (amongst others) - it would be impossible to sell adult toys (via google searches) without using that word

    Yet they are insisting on it!!!! and BMS insist on them - its ridiculous! BMS know and knew we when opened the account what we sold and were happy with the items - all of which are 100% legal to sell/own

    Security Metrics are getting worse with their PCI Compilance failures and wont even response to complaints about them

    Any ideas????

    Thanks
    Jane
    Jane
    Tags: None
    #2
    The way I see it is this: if you use a PSP then you do not need to have anything to do with Security Metrics. For MOTO, you can complete a self-assessment and so long as your office procedures are secure, you are covered.
    Reusable Snore Earplugs : Sample Earplugs - Wax Earplugs - Women's Earplugs - Children's Earplugs - Music Earplugs - Sleep Masks

    Comment

      #3
      So maybe ditch BMS and move elsewhere?
      Reusable Snore Earplugs : Sample Earplugs - Wax Earplugs - Women's Earplugs - Children's Earplugs - Music Earplugs - Sleep Masks

      Comment

        #4
        Amazing! There is absolutely nothing in the DSS about this - and I've read them! The standards are entirely concerned with the protection of cardholder data.

        Ask them which Requirement of the DSS you are infringing.

        Comment

          #5
          I am with BMS and use security metrics to scan my website too. Everything was fine till about a year ago it started failing scans, so I moved the site to Actinic hosting- that changed nothing it still fails the scans. I contacted Actinic, I gave them all the info and printouts, never heard a thing from them. When I tackled them about it they say their hosting is compliant. I feel uneasy about that, I would like a guarentee in writing. At that time it was failing the scans with level 8's, now like your site it fails with a level 5 (9 items at level 5 and 5 items at level 4). None of them is down to website content, all are to do with hosting (weak cyphers, debugging functions enabled, protocol with known weakness etc). I won't be happy till I get a cast iron guarentee-
          Mark

          Comment

            #6
            Hello Mark

            If you would like to email me the info and printouts that BMS have sent you i will investigate this matter further for you with our third line support! My email address is cjsupport [@] actinic.co.uk

            Thanks

            Chris

            Comment

              #7
              Hello Chris,
              PDF of the latest security metrics scan on its way to you. I can trigger a rescan anytime and send you the output.
              regards
              Mark

              Comment

              Previous template Next
              Working...
              X