University merchants accepting credit and debit cards may be required to conduct quarterly external scans of their web site or customer/card holder data environment. This service offering form will start the process of getting the needed PCI scans setup.
Compliance Information
This service can help meet PCI DSS requirements bellow:
11.3 External and internal vulnerabilities are regularly identified, prioritized, and addressed.
11.3.2 External vulnerability scans are performed as follows:
- At least once every three months.
- By PCI SSC Approved Scanning Vendor (ASV).
- Vulnerabilities are resolved and ASV Program Guide requirements for a passing scan are met.
- Rescans are performed as needed to confirm that vulnerabilities are resolved per the ASV Program Guide requirements for a passing scan.
11.3.2.1 External vulnerability scans are performed after any significant change as follows:
- Vulnerabilities that are scored 4.0 or higher by the CVSS are resolved.
- Rescans are conducted as needed.
- Scans are performed by qualified personnel and organizational independence of the tester exists (not required to be a QSA or ASV).
Support
For the most efficient support experience, please submit a ticket using the request form on this page. Alternatively, contact your campus Help Center location via email, by phone, or in person.