When the PCI Security Council last month rolled out new, and quite useful, scoping/segmentation guidelines for retailers, the council’s CTO made an interesting comment. “For years, we have preached the need to simplify and minimize the footprint of cardholder data,” said Troy Leach in a statement. “One way to accomplish this is through good segmentation. It allows an organization to focus their attention on a limited number of assets and more readily address security issues as they arise. As a result, it should also reduce the level of effort to comply with PCI DSS.”
You can read the full article here.