[cisco-voip] PCI DSS compliance for Cisco IPT/UCCX

Lamont, Joshua joshua_lamont at brown.edu
Tue Jan 22 08:18:58 EST 2019 

The complete guide is located here:
https://www.pcisecuritystandards.org/documents/Protecting_Telephone_Based_Payment_Card_Data_v3-0_nov_2018.pdf

This was updated in November for the first time in seven years. If you are
a business accepting credit cards this is definitely something you should
read through.

Joshua Lamont
Senior Telecommunications Engineer
Brown University
office (401) 863-1003
cell    (401) 749-6913


On Tue, Jan 22, 2019 at 7:36 AM Ryan Huff <ryanhuff at outlook.com> wrote:

> At a high level I’d think you’ll need to look into SRTP (aka voice
> encryption) enabled system-wide, no call recording (which you can’t do with
> SRTP anyway) and possibly no call monitoring too (at least on the PII
> calls).
>
> Then adhere to all the physical access rules for servers that store or
> transmit PII (personally identifiable information).
>
> You may need to research database storage requirements as it relates to
> PCI. I’m assuming the UCCX environment is what will be dealing with the
> PII; while UCCX doesn’t have the capacity to outright store CC info, it may
> be possible that some of that info is captured in logs, depending on how
> your environment is set up.
>
> You’d have to do a lot of dry runs in the UCCX environment and run all the
> calling scenarios that interact with PII to ensure traces of it do not get
> logged.
>
> Obviously nothing can be done to the UCCX database outside of what Cisco
> supports, like encrypt table values that aren’t encrypted.. etc
>
> Sent from my iPhone
>
> > On Jan 22, 2019, at 01:23, Ki Wi <kiwi.voice at gmail.com> wrote:
> >
> > Hi Group,
> > I have a customer who is querying on how can we make their existing
> Cisco IPT (with UCCX) PCI DSS compliance since the new upcoming site we are
> planning to deploy will handle sensitive data such as credit cards
> information.
> >
> > Any folks out there have experience doing this?
> >
> > Do we need voice encryption? Turn on TLS v1.1 ? etc?
> >
> > --
> > Regards,
> > Ki Wi
> > _______________________________________________
> > cisco-voip mailing list
> > cisco-voip at puck.nether.net
> >
> https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpuck.nether.net%2Fmailman%2Flistinfo%2Fcisco-voip&data=02%7C01%7C%7Cb9218ac35b024bba75db08d680321fbe%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636837350098382558&sdata=%2Fb%2BfDpOqy2BHdBZ%2F%2F%2B%2BYB7FyBrE4lznDiRI1dlwChC4%3D&reserved=0
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20190122/a82d8f0e/attachment.html>

More information about the cisco-voip mailing list