[Madlug] PCI Dss
Marcin Antkiewicz
madlug at kajtek.org
Sat Dec 12 23:26:16 CST 2009
> The third item is once you have identified everywhere on your network card
> holder data is stored or processed, you should segregate that portion of the
> network the best you can from everything else. The more control you have
> over the card holder environment, the easier it will be to set controls in
> place such as AV, firewall rules etc.
Intermediate step - try to remove as many devices from the list as possible, as
each of them will cost you. Move services around to limit the scope as much as
possible, as every device and webapp that's covered will cost you.
--
Marcin Antkiewicz
More information about the Madlug
mailing list