IBM BigFix Compliance PCI Add-on
New PCI DSS Checklist for Windows 2016
New PCI DSS checklist
Payment Card Industry Data Security Standard v3.2
- The IBM BigFix Compliance PCI Add-on team is pleased to announce the availability of the new checklist for IBM BigFix Compliance PCI Add-on: PCI DSS Checklist for Windows 2016.
- This new checklist is based on the guidance provided by the Payment Card Industry Data Security Standard (PCI DSS) v3.2 and contains security configuration checks that evaluate the security settings of your Windows Server 2016 (Standard Edition) endpoints according to the PCI DSS standard.
- As with most of the existing PCI DSS contents in the IBM BigFix Compliance PCI Add-on library, this checklist includes checks with:
- Corresponding analyses properties to report actual values.
- Standardized titles, descriptions, and measured values for enhanced readability and consistency.
- The ability to ensure correctness of compliance data.
- Some of the checks allow you to use the parameterized setting to enable customization for compliance evaluation.
- Some of the checks also support remediation that allows BigFix operators to efficiently remediate a non-compliance issue with a single action.
- The following PCI DSS Policies are refreshed with the latest content from the PCI DSS Checklist for Windows 2016 site:
- PCI DSS Checklists
- PCI DSS Milestones View
- PCI DSS Requirements View
PCI DSS Checklist for Windows 2016, version 1
PCI DSS Reporting, version 9
*The site version is provided for air-gap customers.
Actions to Take:
- Ensure that the BigFix client version installed on the Windows Server 2016 endpoints is at 9.5.3 or later.
- Use the License Overview dashboard from the BES Support site to enable and gather the said site. Note that you must be entitled to the new content and you are using IBM BigFix version 9.2 and later.
- Create a custom site for the PCI DSS Checklist for Windows 2016 site to display the Windows Server 2016 results in the PCI DSS Policy Reports.
- If you were involved in the Beta / Early Access Program for IBM BigFix Compliance PCI Add-on, unsubscribe from the beta sites to avoid any conflicting issues with the production sites. If you do not unsubscribe from the beta sites, the content in the production sites will fail.
To know more information about the IBM BigFix Compliance PCI DSS checklists, see:
We hope you find this latest release of PCI DSS content useful and effective.
-- The IBM BigFix Compliance PCI Add-on team