Remotely accessing Point of Success
You can access Point of Success using any remote access technology, including:
- Go To My PC
- Log Me In
- Windows Remote Desktop
- And a number of others
Special requirements to meet PA-DSS (PCI) credit card data security standards:
Please be aware that:
If you use an alternate administration interface (e.g. Remote Desktop, LogMeIn, GoToMyPC, CrossLoop) to access your payment processing environment or to make administrative changes, the traffic must be encrypted with a secure encryption technology (e.g. SSH, VPN, or SSL/TLS) to maintain credit card data security compliance.
- Do not use remote access solutions requiring “port forwarding” such as VNC.
- Use two-factor authentication for remote access. Use technologies such as RADIUS, TACACS with tokens, or VPN with individual certificates assigned to each user. Two-factor authentication means that two of the following three things are required: Something the user knows (like a password), something the user has (like a one-time-use key) or something the user is (like biometric data).
- Develop usage policies for critical employee-facing technologies (for example, remote-access
technologies, wireless technologies, removable electronic media, laptops, personal data/digital
assistants (PDAs), e-mail usage and Internet usage) to define proper use of these technologies for all employees and contractors. Ensure these usage policies require the following:- Explicit management approval to connect any device to your network
- Authentication for use of the technology
- A list of all such devices and personnel with access
- Labeling of devices with owner, contact information, and purpose
- Acceptable uses of the technology.
- Acceptable network locations for the technologies
- List of company-approved products
- Automatic disconnect of sessions for remote-access technologies after a specific period of inactivity
- Activation of remote-access technologies for vendors only when needed by vendors, with
immediate deactivation after use
