IBM BigFix Compliance PCI Add-on: Updated Payment Card Industry Data Security Standard (PCI DSS) Checklists published 2015-10-16

Release Announcements PCI Add-on (Release Announcements)
1

IBM BigFix Compliance
Security Configuration Management (SCM)

The IBM BigFix Compliance team has updated the content for various Payment Card Industry Data Security Standard (PCI DSS) DSS checklists. See details below:

Updated sites:

  • PCI DSS Checklist for MS IIS, site version 3
  • PCI DSS Checklist for MS SQL 2008, site version 4
  • PCI DSS Checklist for MS SQL 2012, site version 5
  • PCI DSS Checklist for Windows 7, site version 3
  • PCI DSS Checklist for Windows 2008, site version 3
  • PCI DSS Checklist for Windows 2012, site version 4

Site versions provided for air-gap customers.

Changelist:

  • Updated content to have a parameterized setting to enable customization for compliance evaluation.
  • Updated content to include requirements from the PCI DSS Requirements and Security Assessment Procedures v3.1.
  • Fixed Fixlets and analyses mismatched links.
  • Updated Fixlets with sufficient descriptions.
  • Updated source ID format for better tracking.

Actions to take:

  • If you have already subscribed to any of the sites above, no further action needs to be taken. The changes will be gathered automatically.
  • If you have not subscribed to any of the sites above, you can use the License Overview dashboard to enable and gather the sites. Note that you must be entitled to the new content and you are using IBM BigFix version 9.0 and later.
  • If you were involved in the Early Access Program for PCI DSS Security and Compliance, unsubscribe from the beta sites to avoid any conflicting issues with the production sites. If you do not unsubscribe from the beta sites, the content in the production sites will fail.
  • If you are currently licensed for the IBM BigFix Compliance, the BigFix SCMv3 solution module, the BigFix SCVM solution pack, or the BigFix SLM+SCVM solution bundle, contact your IBM sales representative on how to get access to the PCI DSS content.

Documentation resources:
For information about using the PCI DSS Checklists, see the User’s Guide located here: https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Using%20PCI%20DSS%20Checklists

We hope you find this latest release of SCM content useful and effective. Thank you!

– The IBM BigFix Compliance team