Published at LXer:
PCI compliance is all about protecting your core servers, and you can't be too careful when you go about this. Protecting your servers means guarding key components from the rest of your online systems, and perhaps most important of all is isolating the server that you use for crucial credit card data from the rest of the systems on your network. This is really the heart and soul of PCI compliance. Now, I'm sure that the team you have in charge of security and PCI compliance has set up a Linux-based system for your core servers. However, it's very unlikely that every system on your network uses Linux. Under such circumstances, every system that does not use Linux is a potential threat to the security of your network and to the integrity of your PCI compliance.