9700 HMS Version 4 0 Maintenance Releases ReadMe First

9700 Hms Version 4 0 Maintenance Releases Readme First-Free PDF

  • Date:17 Oct 2020
  • Views:0
  • Downloads:0
  • Pages:29
  • Size:395.01 KB

Share Pdf : 9700 Hms Version 4 0 Maintenance Releases Readme First

Download and Preview : 9700 Hms Version 4 0 Maintenance Releases Readme First


Report CopyRight/DMCA Form For : 9700 Hms Version 4 0 Maintenance Releases Readme First


Transcription:

General Information,About this Document,General Information. For each version this document provides the following information. What s New This section of the document contains information on the new features of a. software release A new feature is defined as one that provides capabilities that. were not available in previous versions of the software. What s This section of the document contains information on the enhancements in the. Enhanced software release An enhancement is defined as a change made to improve or. extend the functionality of an existing feature in the software To qualify as an. enhancement the change must satisfy the following criteria. The basic feature or functionality already exists in the previous release of. the software, The change adds to or expands on the current process it does not replace it. This differs from a revisions i e a defect fix which corrects a problem not. detected in the previous release of the software, What s Revised This section of the document contains information on the issues that have been. corrected in a software release A revision is defined as a correction made to an. existing form feature or function in the currently released version of the. software To qualify as a revision the change must satisfy the following criteria. The basic form feature or functionality must be part of the previous. version of the software, The change must replace the current item or remove it from the application. Additionally all reported issues that are deemed to be BY DESIGN are included. in this section as well These issues will contain the preface BY DESIGN in. front of the feature name,June 12 2014,Page 2 of 29.
General Information,Declarations,Declarations Warranties. Although the best efforts are made to ensure that the information in this. document is complete and correct MICROS Systems Inc makes no warranty. of any kind with regard to this material including but limited to the implied. warranties of marketability and fitness for a particular purpose. Information in this document is subject to change without notice. No part of this document may be reproduced or transmitted in any form or by. any means electronic or mechanical including photocopying recording or. information recording and retrieval systems for any purpose other than for. personal use without the express written permission of MICROS Systems Inc. MICROS Systems Inc shall not be liable for errors contained herein or for. incidental or consequential damages in connections with the furnishing. performance or use of this document,Trademarks, Adobe FrameMaker is a registered trademark of Adobe Systems Incorporated. The following are registered trademarks of the Microsoft Corporation. Operating Systems Microsoft Windows Server 2008 R2. Database Platforms Microsoft SQL Server 2008 R2, The following are registered trademarks of the Oracle Corporation. Oracle 11g, Other products Microsoft Excel Win32 and Windows CE. Visio is a registered trademark of Visio Corporation. All other trademarks are the property of their respective owners. Printing History New editions of this guide incorporate new and changed material since the. previous edition Minor corrections and updates may be incorporated into. reprints of the current edition without changing the publication date or the. edition number,Edition Month Year Software Version.
1st July 2013 4 0 GR,2nd June 2014 4 0 MR1,June 12 2014. Page 3 of 29,General Information,Who Should Be Reading This Document. Who Should Be This document is intended for the following audiences. Reading This,MICROS Installers Programmers,MICROS Dealers. MICROS Customer Service,MICROS Training Personnel,MIS Personnel. What the Reader This document assumes that the reader has the following knowledge or. Should Already expertise,Know Operational understanding of PCs.
Understanding of basic network concepts,Experience with Microsoft Windows Server 2008 R2. Experience with Microsoft SQL Server 2008 R2 or Oracle 11g. June 12 2014,Page 4 of 29,PCI Compliance,What the Reader Should Already Know. PCI Compliance, Visa established the Payment Card Industry PCI Data Security Standard to. protect Visa cardholder data wherever it resides ensuring that members. merchants and service providers maintain the highest information security. standard To adhere to the PCI standard changes have been made to the 9700. HMS product Please read this section carefully as well as the accompanying. PCI compliance documentation For a list of related documents see the. Documentation Resources section, More information about PCI compliance and related software changes is. provided in the following sections,Documentation Resources.
Security Announcement,PCI Compliance Installation Changes. June 12 2014,Page 5 of 29,PCI Compliance,Documentation Resources. Documentation The following documents have been updated with information and procedures. Resources needed to maintain PCI compliance and must be consulted for security purposes. prior to upgrading from 9700 HMS Version 3 1 SP5 and below to 9700 HMS. v3 6 and above These documents are available on the MICROS 9700 HMS. Product page of the MICROS Member Services website. 9700 v4 0 PA DSS Implementation Guide This document is a quick. reference guide that provides information concerning MICROS adherence. to the PCI Data Security Standard and Payment Application Data Security. Standard PA DSS compliance, 9700 Secure Default Account Handling This document contains detailed. information on 9700 v 4x secure default account handling procedures. These procedures must be followed to prevent compromised security and. maintain PCI compliancy, 9700 v4 0 Security Guide This document describes 9700 s security design. features that monitor employees actions taken on the system and features. that restrict employee access to the database reports and operational. procedures, 9700 Upgrade Best Practices This document is intended to convey the best.
practice information when upgrading the 9700 HMS application from a. non PCI compliant version version 2 x to a PCI compliant version. versions 3 x and greater, MICROS 9700 v4 0 Key Manager Application Manual This document is a. quick reference guide that provides information concerning the 9700. Encryption Key Management Utility which allows the user to set the. encryption passphrase for the 9700 system, MICROS Secure Wipe Tool This document provides instructions on how to. download and use the secure wipe tool Eraser The secure deletion of data is. necessary when upgrading a non PCI compliant version of a MICROS. software application or when customer data has been collected for. troubleshooting purposes and is no longer needed, Wireless Networking Best Practices This document explains the steps. necessary to connect a wireless workstation for PCI compliance. June 12 2014,Page 6 of 29,PCI Compliance,Security Announcement. Announcement, Overview Due to new more stringent Payment Card Industry Data Security Standard PCI.
DSS requirements the encryption key rotation handling procedures default. account handling and security related documentation for 9700 versions have. About PCI PCI compliance is required of all merchants and service providers that store. Compliance process or transmit cardholder data The program applies to all payment. channels including retail brick and mortar mail telephone order and e. When customers offer their bankcard at the point of sale over the Internet on. the phone or through the mail they want assurance that their account. information is safe That s why the PCI Data Security Standard was established. The program is intended to protect cardholder data wherever it resides. ensuring that members merchants and service providers maintain the highest. information security standard 1, To achieve compliance with PCI merchants and service providers must adhere. to the PCI Data Security Standard which offers a single approach to. safeguarding sensitive data for all card brands This Standard is a result of. collaboration among the credit card industry and is designed to create common. industry security requirements incorporating the PCI requirements Using the. PCI Data Security Standard as its framework PCI provides the tools and. measurements needed to protect against cardholder data exposure and. compromise across the entire payment industry, For more detailed information concerning PCI compliance please refer to the. PCI Security Standards Council website,https www pcisecuritystandards org. June 12 2014,Page 7 of 29,PCI Compliance, Key In the past non PCI compliant versions of software stored the encryption keys. Management used to encrypt and decrypt secure data such as credit card numbers in the. Utility Security, Enhancements Now due to a new PCI DSS requirement that mandates the secure deletion of.
unused encryption keys 9700 versions 3 10 SP6 and higher use a new. encryption scheme that avoids using secondary encryption keys The secure. deletion of the old encrypted passphrase file is accomplished using the secure. delete application SDelete, Warnings After a key rotation the initial key rotation and all subsequent rotations is. performed by the Key Management Utility the database and 9700 application. becomes synchronized with new encryption key data, As a result users should not swap databases restoring replacing the existing. database with a different one until they are absolutely sure that the new. database is also in sync with the 9700 application. Generally speaking there is no way to determine whether an offline database. that is about to be restored by the user is in sync with the 9700 application. Therefore the only safe scenario to restore replace a database is to restore. replace the database with a good database backup that must have been taken. prior to performing the new key rotation The database can only be restored. replaced if no key rotation has occurred since uploading the existing database or. since the backup database was taken, Warning If the passphrase is lost the encrypted data in the. database is unrecoverable There are no back doors, For more information and instructions on how to use the Key Management. Utility see the 9700 v4 0 Key Manager Application Manual. June 12 2014,Page 8 of 29,PCI Compliance, Secure Default This section contains detailed information on secure default account handling.
Account procedures These procedures must be followed to prevent compromised. security and maintain Payment Card Industry PCI compliance. Important Security Warning The use of default accounts is. not PCI compliant Therefore 9700 versions 3 10 SP6 and. higher eliminated the option to operate in a non compliant. fashion by automatically deleting or disabling the existing. default accounts via the installation upgrade process. Disabling or deleting the existing default accounts could. potentially disable functionality in the system where these. accounts were used However these default accounts must be. securely disabled or deleted to operate in a PCI compliant. In the past 9700 versions installed with four default accounts 9700cfg. csremote micros and m9700 MICROS Systems Inc previously advised. that these defaults accounts be deleted renamed or disabled To prevent. compromised security and maintain PCI compliancy 9700 versions 3 10 SP6. and higher have modified or removed these default accounts. The micros and csremote legacy accounts will no longer be installed These. accounts have been removed from the installation process as they are not used. and when not securely deleted can compromise PCI compliancy When. upgrading to Version 3 10 SP6 or higher from a lower version of software these. accounts will be disabled after the upgrade process completes. The legacy m9700 and 9700cfg accounts will be disabled after the. installation upgrade process completes, For more information on secure default account handling see the 9700 Secure. Default Account Handling document,June 12 2014,Page 9 of 29. PCI Compliance,PCI Compliance Installation Changes. PCI Compliance Changes were made to the 9700 installation process for versions 3 10 SP6 and. Installation Changes higher in order to meet the Payment Card Industry Data Security Standard PCI. DSS requirements For more information on PCI DSS please see the Security. Announcement section on page 7, To meet the PCI compliance requirements Domain level security or Windows. Workgroups must now be enabled when both the Remote Management Console. RMC remote user account is active and credit card transactions are processed. through the 9700 system Domain level security must be enabled when the. server is on a domain Windows Workgroups provides security for servers not. on a domain, The installation process now recognizes if the server is on the domain or not on.
the domain When the server is on the domain domain level security is. automatically installed by the 9700 installation process Disabling domain level. security will compromise PCI compliancy If domain level security is disabled. when the server is on the domain the CreateUser exe application must be used. to maintain PCI compliancy For more information on Windows Workgroups. and the CreateUser exe application see the When the Server is Not on the. 9700 Upgrade Best Practices This document is intended to convey the best practice information when upgrading the 9700 HMS application from a non PCI compliant version version 2 x to a PCI compliant version versions 3 x and greater MICROS 9700 v4 0 Key Manager Application Manual This document is a quick reference guide that

Related Books