22
Jun

PCI DSS Compliance for Sage ERP software

Archived in the category: erp, MAS200, MAS500, MAS90
Posted by: zelmar - 1 Comment

Sage ERP Software requires PCI DSS Compliance

Due to the rampant security issues of credit card processing and credit cardholder information storage, the Payment Card Industry Security Standards Council has issued the strict compliance for the PCI DSS standards which must be complied by July 1, 2010.

The PCI-DSS STANDARDS from Payment Card Industry Security Standards Council

The PCI-DSS standards also have some 12 basic requirements. Some of these requirements may affect ERP developers and providers and some that do not:

Build and Maintain a Secure Network

Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

Requirement 3: Protect stored cardholder data
Requirement 4: Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

Requirement 5: Use and regularly update anti-virus software
Requirement 6: Develop and maintain secure systems and applications

Implement Strong Access Control Measures

Requirement 7: Restrict access to cardholder data by business need-to-know
Requirement 8: Assign a unique ID to each person with computer access
Requirement 9: Restrict physical access to cardholder data

Regularly Monitor and Test Networks

Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes

Maintain an Information Security Policy

Requirement 12: Maintain a policy that addresses information security

Source:

https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml

For further information and updates regarding the PCI DSS and PA DSS compliances, please visit:

https://www.pcisecuritystandards.org

Sage Software Compliance

For Sage MAS 90 ERP and Sage MAS 200 ERP

Sage MAS 90 ERP and Sage MAS 200 ERP versions .30.0.18 and 4.40.0.1 and the associated Extended Enterprise Suite (EES) versions are both PA-DSS and PCI DSS compliant. Access the link in order to fully understand what it takes to make your Sage MAS 90 or MAS 200 installation PA-DSS compliant:

http://cdn.bestsoftware.com/sagemail/MAS/PCI/Implementation%20Guide_MAS90v43018__44001.pdf

For Sage MAS 500 ERP

Sage MAS 500 ERP version 7.3 is already PA-DSS compliant. The link below is the Sage Implementation Guide. Access the link in order to fully understand what it takes to make your Sage MAS 500 ERP installation PA-DSS compliant:

http://community.sagemas.com/sagemas/attachments/sagemas/500TECH/447/3/PA-DSS_Implementation_Guide_MAS500v730%20-%2001-04-2010.pdf

If you are running Sage MAS 90 and Sage MAS 200 version 4.2 or lower, and would like to know your options to become compliant, please contact us at Phone : 866-848-2957 (Toll Free) or Fax : 866-491-9545 (Toll Free).

One comment for “PCI DSS Compliance for Sage ERP software”

1

[...] by jonathanfiloteo Look at the original post. Thanks to [...]

June 22nd, 2010 at 5:39 pm

Leave a Reply

You must be logged in to post a comment.