PCI-DSS

greggles's picture

Locking vendor accounts after their job is over, locking inactive admin accounts at 90 days

Old and unused accounts with admin access are a common entry point for attacks. They often have weaker passwords than a current account and the passwords are not being rotated making the accounts easier to brute-force over a long period.

There are two policies that create a solution to this problem:

  1. If a vendor will be doing work for a known amount of time, set their account to expire (be made inactive) on the date their work is likely to be done. This is required by PCI DSS 3.1 section 8.1.4.
Read more
nyakamwanza's picture

Drupal Developer (RFQ) | World Food Program USA

Employment type: 
Full time
Employment type: 
Contract
Telecommute: 
Allowed

UPDATE: WE HAVE REOPENED THIS POST AND ARE ACCEPTING SUBMISSIONS AGAIN

WFP USA is seeking a web developer with proven experience with Drupal and PHP in general to maintain, modify and improve/develop the www.WFPUSA.org platform. This will be a long-term contract of at least 12 months with possibility for extension. Level of effort will be near full-time for at least the first half of the contract

Main duties:

Read more
Subscribe with RSS Syndicate content