Preparing an RFI for Virtualization and the PCI Data Security Standard

Preparing an RFI for Virtualization and the PCI Data Security Standard


Protecting cardholder data is a critical and mandatory requirement for all organizations that process, store or transmit information on credit or debit cards. Requirements and guidelines for securing cardholder data are specified in the Payment Card Industry (PCI) Data Security Standard (DSS) version 2.0. This international standard is maintained by the PCI Security Standards Council, whose founding members include American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa Inc. The card brands have incorporated PCI DSS as part of the technical requirements for each of their data security programs. Organizations subject to PCI DSS must deploy appropriate technical controls and processes to ensure security of cardholder data and verify compliance with the standard.

Virtualization technology can help organizations simplify compliance with PCI DSS with scope reduction. It entails segmenting the cardholder data environment from an entity’s other information systems. To help evaluate virtualization solutions for PCI DSS compliance, HyTrust recommends that your organization solicit vendor product and/or service-related input with a formal Request for Information. The RFI invites responses to questions for each Requirement of the PCI DSS with a focus on addressing security issues with virtualization. The suggested format in this paper includes relevant RFI templates that may be copied or adapted to particular requirements of your organization.

Continue reading to learn more about preparing an RFI for virtualization and the PCI Data Security Standard.

22 Mar 2011
22 Mar 2011
13 Page(s)
White Paper
Already a Bitpipe member? Login here

Download this White Paper!

By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Safe Harbor