Payment Application Data Security Standard – aka PA-DSS is a set of security standards created by the PCI SSC to guide payment application vendors with implementing secure payment applications.
This PA-DSS Implementation Guide follows PA-DSS version 1.2 and PCI DSS version 1.2. It is not a complete “how to” nor does it cover each and every situation for every company setup. Check with your merchant/processor for any special instructions.
This guide my be updated from time to time — and security regulations also periodically change. Please check with your processor and review all relevant regulations. While we strive to keep all information current – we disclaim all responsibility for updating this information. You are advised to check with your processor and not rely solely on this document.
The Sage guide for PA-DSS and PCI DSS setup covers Sage MAS 90 & MAS 200 Versions 4.30.18 and 4.40.1
– Secure deletion of sensitive data and protection of stored cardholder data
– Password and account settings
– Wireless networks
– Network segmentation
– Secure remote updates
– Remote access
– Encrypting network traffic
View the full guide (as authored by Sage on January 28, 2010) at the link below:
Warning: Always check for updated regulations that may pertain to your company. Use the below Sage document as a tool and not a “how to”. We advise you to always consult with your payment processor for final rules and regulations. Schulz Consulting is not the author of the document below and we are not responsible for results you may encounter from using Sage’s guide.
Update – Erika Jelovsek, Product Manager for Sage MAS provides this feedback over on the MAS90 LinkedIn Discussion Forum:
This Implementation Guide was posted as part of the Sage PA-DSS audit that is currently underway for Sage MAS 90 and 200. It is important to note that the only versions of Sage MAS 90 and 200 that will be submitted for the audit will be 18.104.22.168 and 22.214.171.124. These versions (Product Updates 18 and 1 respectively) will be released in late March 2010. Stay tuned forinformation to be posted on Sage sites and sent in the partner and customer newsletters in the next few weeks. I encourage all Sage MAS 90 and 200 partners to download the Guide from the Sage site and begin to review it.
Implementation_Guide_MAS90v430018_44001.pdf – for Sage MAS 90 & MAS 200 v4.30.18 and 4.40.1 (January 28, 2010)