Hello,
I came across this thread regarding security options for using FUSE:
viewtopic.php?f=20&t=469492&p=543787&hi ... ty#p543787
One recommendation was:
"Lastly, opting into our PCI environment is the highest security we offer. We recommend this for customers who are working with sensitive financial or medical data. We would need your webserver's IP addresses for this because we block all unknown traffic, incoming and outgoing."
Just curious, what does it mean to "opt in" to their PCI environment? Do we lose any functionality by opting in (e.g. logging)? If not, is there a reason why not everyone would be opted in?
Thanks!
We've Moved! Please visit our new and improved forum over at our new portal: https://portal.plumvoice.com/hc/en-us/community/topics
FUSE PCI environment
Re: FUSE PCI environment
Hello,
While there is no functional difference in Fuse+ between the two environments there are operational policy differences that are burdensome. If you are collecting payment information or health care related data then you likely already have corporate policies in place that require you to utilize our PCI environment. However, if you do not have strict PCI or HIPAA security policies then choosing to operate within our PCI environment will ultimately create unnecessary work for your operations team.
Within the PCI environment any time you need to migrate your application to a new server or deploy an application to a different set of servers you will need to work with our support team providing advance notice so that our security team can open up access to your new servers. When you run outside of the PCI environment you can perform these activities without prior approval which creates less work for your team.
Regards,
Plum Support
While there is no functional difference in Fuse+ between the two environments there are operational policy differences that are burdensome. If you are collecting payment information or health care related data then you likely already have corporate policies in place that require you to utilize our PCI environment. However, if you do not have strict PCI or HIPAA security policies then choosing to operate within our PCI environment will ultimately create unnecessary work for your operations team.
Within the PCI environment any time you need to migrate your application to a new server or deploy an application to a different set of servers you will need to work with our support team providing advance notice so that our security team can open up access to your new servers. When you run outside of the PCI environment you can perform these activities without prior approval which creates less work for your team.
Regards,
Plum Support
Plum Support
http://www.plumvoice.com
http://www.plumvoice.com