KNOWLEDGE CAPTURE DOCUMENT


Submission to

Developer For ALCANTARA & RITZ


For the Provision of

PCI FORENSIC INVESTIGATION (PFI)

COMMERCIAL-IN-CONFIDENCE
© Security Risk Management Ltd 2018
1 INFORMATION GATHERING
1.1 INITIAL BACKGROUND INFORMATION
Contact Name:
Martin Pykett
Address:
15 Babbington Lane
Postcode:
NG16 2PT
Email:
martinpykett@outlook.com
Telephone:
07983566659

1.2 HOSTING PROVIDER DETAILS


Hosting provider name:
UKFast
Contact Name:
Tim Ratcliffe
Email:
tim.ratcliffe@ukfast.co.uk
Telephone:
0161 215 3854

Question
Answer
What type of server is used? (Physical/virtual/shared/dedicated)
Dedicated
What size are the disks within the server? (if Physical)
*****
How many servers are there and how are they configured?
1
What operating system is installed?
Linux / cPanel
Is there a firewall present? (Software/hardware details where relevant)
*****
Are access logs/server logs available? What is the retention period for logs?
*****
Were any major hosting changes made prior to this investigation?
*****

1.3 E-COMMERCE PLATFORM DETAILS


Question
Answer
What e-commerce platform is used? (Custom build/Magento/WordPress etc)
Magento Community

What version?

What date was the platform installed?
April 2015
What patches have been applied?

What is the current checkout? (Direct/Hosted Page/Form/Redirect)
One Page Checkout (Magento)
Are there any other payment processors such as PayPal or Amazon Pay?
PayPal

1.4 COMPROMISE DETAILS


Please answer the following with as much detail as possible if an internal or third party investigation into the compromise has already been conducted.
Question
Answer
Has an internal or third party investigation been conducted?
No
Have any malicious code or files been identified?
No
If malicious code has been identified, please explain the actions taken.
N/A
If malicious code has been removed, do you have backup copies available for analysis?
N/A
Any other compromise details?
No

1.5 PCI DSS INFORMATION GATHERING

PCI Requirement   Question   Yes / No   Response

Req 1   Is there a Firewall in place for the e-commerce environment? ☐
If so, can you please provide details of rules configured, company name, version details?

Req 2   Do you have a system hardening document in place which relates to password strength and changing default vendor supplied credentials? ☐

Req 3   Is Cardholder Data Stored? ☐
- If so, how is it protected?

Req 4   Is cardholder data transmitted over the internet? ☐
- If so, how is it encrypted?

Req 5   Is an Anti-Virus solution deployed on the e-commerce systems? ☐
- If so, what solution?

Req 6   Do you have policies in place for developing and maintaining secure systems and applications? ☐
i.e. secure development lifecycle

Req 7   Do you have a Role Based Access Control policy in place? ☐

Req 8   Does everyone with access to the ‘Merchant Name’ systems have a unique ID? ☐
- Do they use strong passwords?
- Are passwords regularly changed?

Req 9   Is there any card data present in written form on your site? ☐
- If so, do you have a physical security policy?

Req 10   Are access logs available for the e-commerce systems? ☐
- Are they monitored regularly?
- Details of what is logged?

Req 11   Do you have regular ASV testing conducted? ☐
- When was the last Penetration test completed?
- Do you have internal vulnerability scanning in place?

Req 12   Do you have a written Information security Policy? ☐
- Do you also have an Incident Response Policy?
