cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
AMA event- Migrating Existing Networks to Cisco ACI
180
Views
0
Helpful
2
Replies
Beginner

PCI Compliance with Tidal Scheduler

Looking for information on how Tidal is treated/mitigated within PCI environments within banks and retailers.

2 REPLIES 2
Beginner

We're going through a PCI

We're going through a PCI compliance audit right now, and TIDAL is out of scope. 

(We're a wireless telecom.)

 

Highlighted

At a company I worked for,

At a company I worked for, Tidal was in-scope as it ran jobs on in-scope applications.  We had to show how security policies were setup to prevent unauthorized Tidal users from accessing those jobs or the agent/adapter.  We had to show what our procedure was for adding and deleting interactive users.  We had to show that alerts were generated for job failures for those applications, show how we entered the incidents in our ticketing system.  And then show how we responded to the incident and what our resolution was.

 

I did a couple of things to help with the process.  One was to require an agent/adapter was defined on each job, not inherited to ease showing auditors what job was running on what system (I know this one might generate comments.  I was over-cautious since it was a financial audit.  6.x also improves searching).  The second was that we were required to keep a full fiscal year up to the time of the audit, so I built a process to copy data to a Tidal_Archive database that I built.  That way my production database stayed small, but I still had the history (alerts, operator actions, logs, events) for review.

 

Hope that helps,

Michelle

 

 

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards
This widget could not be displayed.