What Can You Do Today?

Ensure all default passwords are removed from the remote access software and use unique and complex passwords for each customer.
Ensure there is a mechanism in place for rotating passwords on a regular basis.
Ensure encrypted data transmission of at least 128 bits is enabled on the remote access software.
Ensure account lockout after a certain number of failed login attempts is enabled.
Ensure there is a mechanism for forcing automatic logoff after predetermined time of inactivity.
Ensure the logging function on the remote access software is enabled

Do not use “free” versions of remote access tools. These versions are for personal use only and are not approved for business use.
Telnet should never be enabled at your customer sites due to significant security concerns.
Do not use Windows Remote Desktop without:
- Running it over a secure protocol such as a Virtual Private Network (VPN) connection through a firewall.
- Using two-factor authentication to sign in to the Terminal Servers
- Using a dedicated SQL Server on a separate logical network.

Retail Data Security Home - Contact Us
PCI Compliance 101 Data Security Milestones What Can You Do Today? Life Cycle of a Data Security Breach Data Security e-Newsletter Additional Resources

< Back What Can You Do Today? Remote Access Configuration Ensure all default passwords are removed from the remote access software and use unique and complex passwords for each customer. Ensure there is a mechanism in place for rotating passwords on a regular basis. Ensure encrypted data transmission of at least 128 bits is enabled on the remote access software. Ensure account lockout after a certain number of failed login attempts is enabled. Ensure there is a mechanism for forcing automatic logoff after predetermined time of inactivity. Ensure the logging function on the remote access software is enabled What Not to Do Do not use “free” versions of remote access tools. These versions are for personal use only and are not approved for business use. Telnet should never be enabled at your customer sites due to significant security concerns. Do not use Windows Remote Desktop without: Running it over a secure protocol such as a Virtual Private Network (VPN) connection through a firewall. Using two-factor authentication to sign in to the Terminal Servers Using a dedicated SQL Server on a separate logical network.

© 2011 Radiant Systems, Inc. All Rights Reserved. Powered by CounterPoint Retail Point of Sale.