Hello DreamHost Forum,
I’m new to passing PCI compliance. I hope this is the right place to post, or please direct me.
See Note 2 Remote Access Software:
Note to scan customer: Due to increased risk to the cardholder data environment when remote access software is present, please 1) justify the business need for this
software to the ASV and confirm it is either implemented securely per Appendix D or disabled/removed. Please consult your ASV if you have questions about this Special Note.
Has anyone had success in explaining this for PCI passing?