Solved

SBS2003 - PCI Compliance

Posted on 2014-10-14
3
158 Views
Last Modified: 2014-11-14
As a result of a PCI compliance scan, it is required "to create another logon in front of the existing logon to get a dual logon" for OWA.    We are running 2003SBS, using Exchange, IISv6 and use OWA for remote email access and OWA/Activesync for smart phone access to the Exchange email.

Any thoughts on a solution?
0
Comment
Question by:howmad2
3 Comments
 
LVL 35

Accepted Solution

by:
Kimputer earned 500 total points
Comment Utility
Shutdown external web access. Now create extra logins for every user, assign VPN rights.
Now every user has to use VPN (only the new user/password) works. Continue to use the services as before (using internal ip numbers). A bit more difficult to work with as before but that's probably the whole point of this PCI exercise.
Also power drain for those smartphones (always VPN on).
0
 
LVL 30

Expert Comment

by:Gareth Gudger
Comment Utility
I am by no means a compliance officer, but it is my understanding that end of life software such as Exchange 2003, is a possible violation in of itself.
0
 

Author Closing Comment

by:howmad2
Comment Utility
Excellent
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now