New PCI Virtualization Guidelines Answer Some Questions, Create Others
June 29, 2011 No CommentsThe introduction of virtualization guidelines into the Payment Card Industry (PCI) Data Security Standard (DSS) is a big step in acknowledging changing IT trends and refining compliance definitions, but the revisions could also create more challenges as end users apply differing interpretations of the mandate, according to security experts.
Earlier this month, the PCI Security Standards Council (SSC) added guidelines around PCI DSS for regulatory compliance for virtualized environments that also applied to data stored in the cloud. The move represented a significant shift that addressed growing security concerns created by burgeoning IT trends, experts say.