The PCI-DSS is prescriptive in regards to ways to protect data. Segmenting payment systems from the rest of the network and implementing monitoring and intrusion prevention and detection are non-negotiable requirements. However, the PCI-DSS also allows organizations the flexibility to meet the protection requirements using innovative architectures and approaches.
There are alternatives to PCI compliance. In this podcast, PCI expert analyst Diana Kelley discusses the areas of PCI compliance where a host-based approach may prove to be a cost-effective alternative to physical separate and additional hardware based network devices.
Some organizations have opted to implement physical separation by building new data centers that are entirely separate from the rest of the corporate network. While effective, this approach is extremely costly and not supportable for many environments.
Listen to this podcast and learn about some alternative approaches to achieving PCI compliance that are cost effective and easy to implement.
To learn more about how to comply with PCI, listen to this podcast here:
Information Security Research Library
