What Can You Do Today?

POS Configuration

Ensure a PAPB or PA-DSS validated version is running.
Configure credit card tenders to mask credit card numbers (PAN) and suppress expiration dates on all displays, receipts, vouchers and external reports or exports.
Configure back office security rights and assign user level permissions in support of business functional needs in order to limit access to reports with credit card numbers (PAN).
Create specific user accounts for POS services and configure services to logon using said accounts.
Where applicable, ensure the use of compliant hardware for credit and debit processing where PIN, EMV or the like are required.
Limit hardware connections to approved components required by the POS solution for data processing (such as cash drawers, printers, coin changers, display boards and the like; not to include personal USB drives or other none POS related equipment).
Securely remove historical data and logs and any non system generated files that may have been used for troubleshooting over time.
Securely remove files containing sensitive information that were created with a version not validated by the PA-DSS.
Configure automatic purging of historical data according to store’s data retention policy.

Restaurant Data Security Home - Contact Us
PCI Compliance 101 Data Security Milestones What Can You Do Today? Life Cycle of a Data Security Breach Data Security e-Newsletter Additional Resources

< Back What Can You Do Today? POS Configuration Ensure a PAPB or PA-DSS validated version is running. Configure credit card tenders to mask credit card numbers (PAN) and suppress expiration dates on all displays, receipts, vouchers and external reports or exports. Configure back office security rights and assign user level permissions in support of business functional needs in order to limit access to reports with credit card numbers (PAN). Create specific user accounts for POS services and configure services to logon using said accounts. Where applicable, ensure the use of compliant hardware for credit and debit processing where PIN, EMV or the like are required. Limit hardware connections to approved components required by the POS solution for data processing (such as cash drawers, printers, coin changers, display boards and the like; not to include personal USB drives or other none POS related equipment). Securely remove historical data and logs and any non system generated files that may have been used for troubleshooting over time. Securely remove files containing sensitive information that were created with a version not validated by the PA-DSS. Configure automatic purging of historical data according to store’s data retention policy.

© 2011 Radiant Systems, Inc. All Rights Reserved.