Skip to content Skip to navigation

VoIP Encryption

If you currently use a Stanford desk Voice over Internet Protocol (VoIP ) phone to collect or confirm credit/debit card information and process the payment or refund through any of the following payment methods, the desk phone must be encrypted per PCI DSS Compliance Policy #29.1.

Payment methods:

  • A Point-of-Sale (POS) credit card terminal
  • A PCI workstation and a payment gateway virtual terminal (e.g. CyberSource VT)
  • A PCI Point-to-Point Encryption (P2PE) key pad

Once the desk phone is encrypted, an after-business hours process will "reboot" the equipment in order to activate it. Please follow the below instructions to request VoIP encryption. Due to the volume of requests, please allow 4 - 6 weeks lead time to complete the encryption after your initial request. Please submit your request by 9/30 so that the VoIP encryption can be completed by the annual PCI DSS compliance deadline that will take place in the October ~ November timeframe.

Instructions

Please follow the instructions below for submitting a ticket to request VoIP Encryption.

  1. Please use this link to create a ticket for ITS Voice Communication Services: stanford.service-now.com/it_services?id=sc_cat_item&sys_id=b90954d41365660019813598d144b0e7.
  2. Please start with this note in your ticket: "Please assign this ticket to the product management group for ITS Voice Communication Services."
  3. Fill out the following:
    • List of telephone numbers for encryption and the name associated with each phone number.
    • Building name, address and location of phones.
  4. Submit ticket.