1. PA-DSS 3.2. Implementation Guide
  2. Preface

Preface

This document describes the steps needed for your Oracle Hospitality Cruise Shipboard Property Management System (SPMS) installations to comply with Payment Application – Data Security Standards (PA-DSS). The information in this document is based on PCI Security Standards Council Payment Application - Data Security Standards program (version 3.2 dated June 2016). For reference, download the PCI PA-DSS 3.2

Requirements and Security Assessment Procedures from the PCI SSC Document Library.

The Oracle Hospitality Cruise Shipboard Property Management System instructs and advises its customers to deploy the application in a manner that adheres to the PCI Data Security Standards. (v3.2). Subsequent to this, follow the best practices and hardening methods, such as those referenced by the Center for Internet Security (CIS) and their various benchmarks, in order to enhance system logging, reduce the chance of intrusion, increase the ability to detect intrusion, and other general recommendations to secure networking environments. Such methods include, but are not limited to, enabling operating system auditing subsystems, system logging of individual servers to a centralized logging server, disabling infrequently used or frequently vulnerable networking protocols, and implementing certificate-based protocols for access to servers by users and vendors.

Follow the steps outlined in this Implementation Guide for Oracle Hospitality Cruise Shipboard Property Management System installation to support your PCI DSS compliance efforts.

Revision History

Table -1 Revision History

Date Description of Change

September 2022

Initial publication.

June 2023

Updated new customer portal.

This PA-DSS Implementation Guide is reviewed and updated on a yearly basis, when there are changes to the underlying application, or when there are changes to PA-DSS requirements. Go to the Hospitality documentation page at the Oracle Help Center at http://docs.oracle.com/en/industries/hospitality/ to view or download the current version of this guide, and see the Shipboard Property Management System Release Notes and this guide's Revision History to learn what has been updated or changed. In order to ensure your PCI DSS is compliance, subscribe to receive Oracle Security Alerts email by clicking the Critical Patch Updates link on the Oracle Technology Network at http://www.oracle.com/technetwork/index.html. This provides timely information on any possible updates to the PA-DSS Implementation Guide that you need to know about in order to continue to using SPMS in a PCI DSS compliant manner.