sponsored by HyTrust
Posted:  22 Mar 2011
Published:  22 Mar 2011
Format:  PDF
Length:  13  Page(s)
Type:  White Paper
Language:  English
ABSTRACT:

Protecting cardholder data is a critical and mandatory requirement for all organizations that process, store or transmit information on credit or debit cards. Requirements and guidelines for securing cardholder data are specified in the Payment Card Industry (PCI) Data Security Standard (DSS) version 2.0. This international standard is maintained by the PCI Security Standards Council, whose founding members include American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa Inc. The card brands have incorporated PCI DSS as part of the technical requirements for each of their data security programs. Organizations subject to PCI DSS must deploy appropriate technical controls and processes to ensure security of cardholder data and verify compliance with the standard.

Virtualization technology can help organizations simplify compliance with PCI DSS with scope reduction. It entails segmenting the cardholder data environment from an entity’s other information systems. To help evaluate virtualization solutions for PCI DSS compliance, HyTrust recommends that your organization solicit vendor product and/or service-related input with a formal Request for Information. The RFI invites responses to questions for each Requirement of the PCI DSS with a focus on addressing security issues with virtualization. The suggested format in this paper includes relevant RFI templates that may be copied or adapted to particular requirements of your organization.

Continue reading to learn more about preparing an RFI for virtualization and the PCI Data Security Standard.






BROWSE RELATED RESOURCES
Data Management | Data Security | Data Storage | Payment Card Industry | Payment Card Industry Data Security Standard | Payment Card Industry Data Security Standard Compliance | Security Management | Virtualization Security

View All Resources sponsored by HyTrust

About TechTarget:

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines

All Rights Reserved, Copyright 2000 - 2014, TechTarget | Read our Privacy Statement