PCI compliance is all about protecting your core servers, and you can't be careful enough when you go about this. Protecting your servers is all about guarding key components from the rest of your online systems, and most important of all, perhaps, is isolating the server that you use for crucial credit card data from the rest of the systems on your network. This is really the heart and soul of PCI compliance. Now I'm sure that the team you have in charge of security and PCI compliance has set up a Linux based system for your core servers. However, it's very unlikely that every system on your network uses Linux. Under such circumstances, every system that does not use Linux is a potential threat to the security of your network and to integrity of your PCI compliance.
|
|
PCI compliance is all about protecting your core servers, and you can't be careful enough when you go about this. Protecting your servers is all about guarding key components from the rest of your online systems, and most important of all, perhaps, is isolating the server that you use for crucial credit card data from the rest of the systems on your network. This is really the heart and soul of PCI compliance. Now I'm sure that the team you have in charge of security and PCI compliance has set up a Linux based system for your core servers. However, it's very unlikely that every system on your network uses Linux. Under such circumstances, every system that does not use Linux is a potential threat to the security of your network and to integrity of your PCI compliance.
So how do you go about plugging these gaps? Well, we'll go into that in a little more detail a little later, but first let's talk about what PCI compliance demands from your core systems themselves. Remember, the highest security policies for PCI compliance are usually required to be implemented mainly on systems that hold crucial data. Other systems on the network, however, can comply with lower standards of PCI compliance.
How Isolating key systems can aid PCI compliance:
Isolating Linux based systems from other systems on the network can be a tremendous advantage when you're going for PCI compliance. For example, I'm sure that you already have a firewall on your core servers, but if you've isolated those core servers from other systems on your network, especially those systems that are not running Linux, then you can be absolutely sure that your firewall is foolproof. Remember that if you fail to do this, each non-Linux system on your network can be a possible means of penetrating your core system's firewall, which can obviously lead to a disastrous security breach.
But there is a more serious reason why isolating your core system from the rest of the systems on your network is important. Now many people think that isolating a server means isolating it from unauthorized access from outside your company's systems, but no, what I call isolating a server is isolating it not only from systems outside your company's network, but also from systems within your company's networks. Full Story |