PCI-DSS includes the web servers that redirect users to third parties?

software4ed

Registered User

Join Date: Jul 2008

Posts: 31
#1

PCI-DSS includes the web servers that redirect users to third parties?

11-Jun-2010, 11:42 AM

The IT Manager at a company where I want to install Actinic has stated that...

"PCI-DSS includes the web servers that redirect users to third parties.
As I understand it, there are new requirements"

in response to my comments that "as WorldPay are PCI-DSS compliant and they handle all card payments the server hosting the catalog does not have to be PCI-DSS compliant."

Am I wrong? does anyone know if there new restrictions coming?
Tags: None
Mike Hughes

Registered User

Join Date: Jan 2003

Posts: 8743
#2

11-Jun-2010, 12:02 PM

Ignore him.

PCI-DSS only applies where credit card details will be entered or stored.

Outside of this area it has no authority and while there's a whole industry of consultants, experts, verifiers and hosts who might want to argue it's important outside of this area I think they're all barking up the wrong tree.

Mike

-----------------------------------------

First Tackle - Fly Fishing and Game Angling

-----------------------------------------
Comment

Announcement