I’m at a loss here… 2 Months ago (!) I submitted a support request regarding the failure of a server to be PCI DSS compliant. Below is a copy of my question. I have followed up about 4 times through Live Chat and I have submitted another request. And… nothing. No answer, no reply, no help. I was told Security is looking into it and no one could tell me how long it would take. Now I am unable to Chat Live anymore. Should I just move everything top a different company?
June 26, 2011
I am in the process of validating my website to be PCI DSS compliant. (This is the mandatory request from my merchant account)
I ran their “scan” and they gave me a list of server failures. Below is the email my contact sent me:
“I looked and saw that you started a scan yesterday. I noticed that the scan completed and several servers failed to to a couple of vulnerabilities. You will need to have these items remediated and then run another scan. Once you have a successful scan on all servers, you can log in to the PCI ToolKit on the following day, after our system updates, and complete that one remaining task. once you have certified the item is complete you will attest to your compliance and you will be done until next year.”
I have the scan attached.
What do I do now since these are your servers?