Dealing with auditors (was Re: We hit half-million: The Cidr Report)

• Previous message (by thread): Dealing with auditors (was Re: We hit half-million: The Cidr Report)
• Next message (by thread): Dealing with auditors (was Re: We hit half-million: The Cidr Report)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, May 1, 2014 at 6:29 AM, Alain Hebert <ahebert at pubnix.net> wrote:
>     Bill & Telnet...
>
>         I hope that QSA didn't let you keep that telnet facing any
> public interface without any protection.

Hi Alain,

The point I made, successfully, was that it was outside the firewall
hence out of scope for the audit. What I do in a different security
domain from the one which handles the credit card transactions is none
of their business.

Regards,
Bill Herrin

-- 
William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004

• Previous message (by thread): Dealing with auditors (was Re: We hit half-million: The Cidr Report)
• Next message (by thread): Dealing with auditors (was Re: We hit half-million: The Cidr Report)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]