How Virtualization Affects PCI DSS Part 2: A Review of the Top 5 Issues
Achieving Payment Card Industry (PCI) compliance in a virtualized environment is very much attainable. It simply requires one to understand the intent of each of the requirements and how these are impacted by virtualization. As one goes through this process it will quickly find, in most organizations, that each of the compliance challenges presented by virtualization can be mitigated or worked around in a reasonable and practical manner. This paper aims to highlight what is believed to be the top five issues and concerns that PCI Qualified Security Assessors (QSA's) have about virtualization technology.