Home
User Guide
The information contained in this section applies to IBM WebSphere Commerce Version 7.0.0.9 and Feautre Pack 8. The documentation also applies to all subsequent releases and modifications until otherwise indicated in new editions.
Compliance
The following section describes how you can leverage WebSphere Commerce features and functionality to help your site be compliant with different privacy and security standards.
WebSphere Commerce and the PCI Data Security Standard
Addressing the PCI Data Security Standard within WebSphere Commerce
The following topics deal with each of the detailed requirements that pertain to WebSphere Commerce. Some of the requirements are directly related to the WebSphere Commerce software package. Other requirements are unrelated, or indirectly relate to the WebSphere Commerce software package. For example, indirect requirements can affect your use of the operating system security features to secure WebSphere Commerce files.
Requirement 12: Maintain a policy that addresses information security for all personnel
This requirement is not directly related to WebSphere Commerce. Refer directly to the PCI DSS for requirements and details on how to develop your information security policies.

WebSphere Commerce on premise not applicable for Commerce on Cloud offering

Requirement 12: Maintain a policy that addresses information security for all personnel

This requirement is not directly related to WebSphere Commerce. Refer directly to the PCI DSS for requirements and details on how to develop your information security policies.

Important: Section 12.3.9 of the PCI-DSS requires that you develop a policy to address activation and deactivation of remote access technologies. WebSphere Commerce does not use remote access technologies for software updates