I also thought “Virtualization” was covered by the PCI DSS
From Mike Dahn’s PCI Blog:
http://pcianswers.com/2008/12/09/pci-already-addresses-virtualization/
Well worth a read.
Home | Beast Or Buddha | Daily Security News | Industry Specialists Talk | Beast Hot Jobs | Contact | Blog Directory | Forums
2 Responses to “I also thought “Virtualization” was covered by the PCI DSS”
Leave a Reply
- The ramblings in the Beast or Buddha IT Security blog are predominantly focused around IT Security topics. They are just my own takes on the industry and comments from industry peers. I don't profess to being able to solve the world's problems but happy to open myself up to criticisms and debate.
Most Read Posts
- Looking at what makes good Application Security knowledge.
- Review of Information Security and Risk Management Strategy - Complex or Straightforward Exercise?
- The 7 Reasons Why Businesses are Insecure!
- Latest PCI DSS Posts
- Regulation Vs. Market Forces
- E-Security: Government Strategies
- The CIO Sticking Point - Time to Get them out of the Reporting Line
December 11th, 2008 at 7:53 am
I hope people will educate themselves enough to understand the standard and how to apply it. Yes, the standard will change over time in response to industry needs, but it should not be rewritten to encompass every new technology.
December 11th, 2008 at 1:54 pm
You would think by many people’s reactions over the last couple of years that PCI DSS contained radical new approaches and ideas to good information security practice. More worrying when these views come from Information Security specialists.