To comply with Payment Card Industry Digital Security Standards (PCI-DSS), WSU is required to block the sending and receiving of email messages that contain credit card information beginning on or before Wednesday, June 1. Information Technology Service (ITS) will be blocking email messages containing credit card information that transits in and/or out of the central Exchange and Office 365 mail systems via Proofpoint beginning Wednesday, May 25.
How this works:
- Email that contains data that are identified as credit card information will be stopped via a Regulatory Compliance Rule within the Proofpoint email security service. The rule looks at the message and message body as well as any attachments.
- Messages that are identified as containing credit card information will be quarantined in an encrypted folder within Proofpoint. This will allow visual inspection of the message by ITS, as required by PCI-DSS, in case this results in an erroneous (false positive) quarantining of the message. False positive emails will be released at the discretion of ITS Information Security Services (ISS).
- The sender of an email message identified as containing credit card information will receive an automated response from Proofpoint that their email communication has been blocked because WSU does not allow messages to transit our system with credit card information.
- If the sender believes this detection is in error, or has questions or concerns regarding this action, they should contact CougTech at 335-4357 or cougtech@wsu.edu
This message will be sent to all WSU email account holders as well to ensure all are aware of this new PCI-DSS requirement.
For questions please contact CougTech at 335-4357 or cougtech@wsu.edu
