VMware and Foundstone recently completed a two-part white paper on how virtualization affects PCI Compliance. It takes a pragmatic view at the different components of
virtualization technologies and provides a perspective on how
enterprises that are looking to deploy such technologies should think
about their impact on PCI compliance initiatives.
- Part 1: Mapping PCI Requirements and Virtualization
This paper presents a mapping for the various and relevant PCI requirements and how these are impacted by virtualization.
- Part 2: A Review of the Top 5 Issues
paper highlights what we believe to be the top five issues and concerns
that PCI Qualified Security Assessors (QSA’s) have about virtualization
technology. For each of these we propose solutions that organizations
can rely on to demonstrate compliance while deploying virtualization
technology within their PCI environment.