The phrase 'segmentation' is used to describe the process of separating the cardholder network from other networking resources that are not involved in storing, processing or transmitting card data. Segmentation must be delivered through appropriate security controls and will most frequently require the use of a stateful inspection firewall to track the state of connection into and out of the cardholder network segment.
|
|
|
|
|
|
Segmentation in its purist sense does not instantly provide a mechanism for de-scoping PCI DSS. Instead, it must be reviewed in conjunction with the services delivered from, and accessible through, the Cardholder environment. Nettitude strongly recommends working with a Qualified Security Assessor to ensure that network segmentation is implemented in a manner that will truly reduce the exposure to risk and consequently descope the PCI DSS audit.
To find out more about how Nettitude can help you with your Compliance requirements,
please complete our contact form,
and a Consultant will respond to your enquiry.
|
|
|