PS-DSS Compliance

[USofAScott]

I am using Aloha 6.4.17 at one of our locations. Our PCI scans are showing that Aloha is not PA-dss compliant.

What versions of Aloha are PS-dss compliant and is this an upgrade that needs to be purchased or is this a minor upgrade that should be included in our license?

Has anyone else had to deal with this isssue?

 

[USofAScott]

oops I am not the best typist. That should be PA-dss compliance above, not PS-dss

Scott

 

[gunstar01]

Aloha and EDC version 6.4.x and above are compliant until December 1, 2013. Your QA scan should tell you what specifically what is not meeting requiremnts whether that be a user account issue or Windows updates not current, etc.

 

[eburks]

An administrator and a tech from your site need to go here and study the situation

https://www.pcisecuritystandards.org/merchants/index.php

There are som relevant PDF's here

http://aloharadiant.com/compliance/

Don't let anyone walk in the door or email or call about a compliance scan without challenging them and finding out who they represent. If it is not your Credit card processor or (only in some cases) Aloha VAR send them packing.

That is one of the steps to being compliant

One of my managers was going to take a meeting with some people to review our compliance. I told hime the above and he turned them around at the door. They wanted to sell something or worse and there was no trust. Letting them look at our computers our office or software would have been a failure in compliance.

An external scan like securitymetrics will come with a website address and login that will show you exactly what site, where you fail and how you should fix the problem