Service Provider Errors

I've got to post this somewhere, so this seems like as good of a spot as any. I've just got to go on a few minute vent about a certain service provider we use for PCI compliance (that's a credit card security compliance term that I didn't want to deal with, so we use a service provider.)

In any case, what we really wanted was someone to validate that our security was up to par with Visa and MasterCard's standards. We didn't want to have to research security every day until we got it all right, we just wanted someone to tell us when an issue presented itself. This worked well for a while, then they started making rule changes and upgrading things for PCI but not for this service. That's made things confusing.

Today, however, we have a new issue with them. We have random "vulnerabilities" that don't exist showing up, saying they're on 0 devices but still downgrading our compliance on every single device. The entire live chat we had with them is listed below.
Don: Hello

Don: how can I assist you today

You: Hey Don, any idea why we're getting flagged on all of our servers for Backup CGI file Detection with no way to resolve.

You: Hiccup there?

Don: Yes, we are aware of the issue and are working on it at this time. The issue should be resolved soon.

You: Ok, thank you.

As you can tell, they're having "an issue". But that brings up a question of reliability. If a security auditing firm has these types of problems in their internal system, how good are they at actually monitoring and reporting? Well, we'll keep using this service, but it has certainly raised some questions in my mind.

On the plus side, at least they knew about it. It may have been from the person right before us that asked about it, but they weren't totally clueless. I suppose that's something in their favor.

Comments

Post a Comment

Popular posts from this blog

Yii multiple select dropdownlist with default values

So I was coding a form in Yii, and came across a situation where I had a value of 0111110 (no, yes, yes, yes, yes, yes, no) that I needed to pre-populate values in a multiple select drop down. This didn't seem like it should be that hard, but the Yii documentation lacked a bit there. The first step was to split out the string. $optionValues = str_split($model->variable); Now, we create a blank array to hold our options. $options = array(); Then, we go through those options and set selected on the ones that need selected. foreach ($optionValues as $optionKey=>$optionVal) {      if ($optionVal) {         $options[$optionKey] = array('selected' => 'selected');     } } Now, we render the drop down list. echo $form->dropDownList($model, 'variable', array('0' => 'Zero', '1' => 'One','2'=>'Two','3' => 'Three', '4' => 'Four', '5' =&g
Read more

May 2021 updates

 Lots of work has been done since I last posted. Everything feels different, and gigs have been scheduled. It's time to get ready to play live again. Maiden Voyage We're playing a primarily hispanic audience show in a few weeks. New bass player is continuing to learn the songs, new guitar player keeps impressing me with his resolve, and as a band we feel ready for a couple hours of Maiden music. We're also playing a benefit for our lost blood brother in July, where we'll be playing the set list we did at our final show with him. Somehow, Live After Death seems fitting for that show, so that's what we're performing. We also have a special "something" planned for the first song which should hit everyone right in the feels. Pop Band We're currently using the name Hard Candy for this one. We're going to be playing a couple of benefit shows to get things started on stage. One is for our former drummer Dan and also the one with Maiden Voyage in Bill&
Read more

Been getting busy

It's been a while since I posted, so I thought it was time for an update. Maiden Voyage is starting to get busy. This summer saw quite a few shows and several benefits with us performing. We had our first show with us providing sound, which meant I had to buy a trailer. That was going to become necessary anyway just to continue moving our light show around, so it just worked out well. We played in Lincoln for the first time. Nothing earth shattering about playing another town about 60 miles from where we're based, but after that one show we immediately booked 2 more in Lincoln with minimal effort. Guess that first show is the most important one like they say... only one chance for that first impression. Speaking of 2 more shows with minimal effort, that's how most of our shows are happening now. We're not even looking for shows all that hard and are starting to have booking agencies and show promoters contacting us about being a headliner for some bands they'r
Read more