Why segment Payment Systems?
PCI DSS now mentions segmentation directly in the standard document. PCI was recently updated, in September 2006, from version 1.0 to version 1.1. In PCI version 1.0, segmentation was not spelled out in the standards document itself; it appeared only briefly in the audit procedures document, and only as part of the suggested audit tests. In PCI version 1.1, segmentation is mentioned twice in the standard itself: once as a method of limiting audit scope and once as an acceptable compensating control. Clearly segmentation is getting more attention, and PCI seems to be addressing two of the most common PCI concerns: how to limit PCI scope and what the proper compensating controls are. As further proof of the increasing importance of network segmentation, Verisign, in their white paper on PCI audit failure, calls out lack of network segmentation as a reason for PCI assessment failure: “They [organizations,] often fail PCI assessment because they have very flat (non-partitioned) networks in whi