PCI and Virtualization - White Paper
Virtualization has brought enormous benefits to hundreds of thousands of businesses across the globe. However, the move to these systems has also posed significant implications for security teams—especially for those in organizations that must comply with the Payment Card Industry Data Security Standard (PCI DSS).
Based on the expert insights of qualified security assessors (QSAs), this paper examines the security and compliance challenges that arise in virtualized environments. Then the paper outlines some key approaches for effectively addressing requirement 3 of the PCI DSS when cardholder data resides on virtual systems.