PCI compliance question

Hi,

I have a small web hosting business and we isolate each domain in their own jail with our web server.

How do I comply with PCI compliance in my scenario?
Do I need to apply for each webjail or the server?

Thank you
 
From https://www.pcisecuritystandards.org/pci_security/maintaining_payment_security
Quick Steps to Security

A model framework for security, the PCI Data Security Standard integrates best practices forged from the years of experience of security experts around the world.

The standard works for some of the world’s largest corporations. And it can work for you.

Buy and use only approved PIN entry devices at your points-of-sale.
Buy and use only validated payment software at your POS or website shopping cart.
Do not store any sensitive cardholder data in computers or on paper.
Use a firewall on your network and PCs.
Make sure your wireless router is password-protected and uses encryption.
Use strong passwords. Be sure to change default passwords on hardware and software – most are unsafe.
Regularly check PIN entry devices and PCs to make sure no one has installed rogue software or “skimming” devices.
Teach your employees about security and protecting cardholder data.
Follow the PCI Data Security Standard.
:)
Also see http://www.spacenet.com/Portals/0/PDFs/spacenet-pci-whitepaper.pdf
 