Solved

SBS2003 - PCI Compliance

Posted on 2014-10-14
3
175 Views
Last Modified: 2014-11-14
As a result of a PCI compliance scan, it is required "to create another logon in front of the existing logon to get a dual logon" for OWA.    We are running 2003SBS, using Exchange, IISv6 and use OWA for remote email access and OWA/Activesync for smart phone access to the Exchange email.

Any thoughts on a solution?
0
Comment
Question by:howmad2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 35

Accepted Solution

by:
Kimputer earned 500 total points
ID: 40380947
Shutdown external web access. Now create extra logins for every user, assign VPN rights.
Now every user has to use VPN (only the new user/password) works. Continue to use the services as before (using internal ip numbers). A bit more difficult to work with as before but that's probably the whole point of this PCI exercise.
Also power drain for those smartphones (always VPN on).
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40389429
I am by no means a compliance officer, but it is my understanding that end of life software such as Exchange 2003, is a possible violation in of itself.
0
 

Author Closing Comment

by:howmad2
ID: 40442866
Excellent
0

Featured Post

Webinar June 1st - Attacking Ransomware  

The global cyberattack that corrupted hundreds of thousands of computer systems on May 12th had a face, name, & price tag that we’ve seen all too often in recent years: Ransomware. With the stakes – and costs – of a ransomware attack higher than ever, is your business prepared ?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There's a lot of hype surrounding blockchain technology. Here's how it works and some of the novel ways it' s now being used - including for data protection.
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question