Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


VMware Takes Virtualization Discussions into Realm of PCI Compliance



 By: Brian Prince
2008-11-12
Article Rating:starstarstarstarstar / 2


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
VMware has joined the PCI Security Standards Council in a bid to get language dealing specifically with virtualization added to the Payment Card Industry Data Security Standard. The lack of guidance on the issue has been a challenge for retailers as adoption of virtual environments has grown, according to VMware.

The honeymoon may soon be over for any retailers that have not extended attention to the Payment Card Industry Data Security Standard to their virtual environments.

VMware announced today it has joined the PCI Security Standards Council in a bid to include specifics related to virtualization into the Payment Card Industry Data Security Standard (PCI DSS), as well as spread awareness of how the technology can help enhance security and compliance.

Its no secret that virtualization is spreading among businesses. Despite its growth, however, there is still nothing in the PCI standard that specifically mentions virtual hosts and networks. On its own, VMware has sought to bridge that gap by disseminating information through its VMware Compliance Center via whitepapers and podcasts, which can be downloaded here.

Resource Library:

The lack of guidance in the regulation itself has led to confusion among merchants, explained Shekar Ayyar, vice president of infrastructure alliances at VMware.

When it comes to compliance-related domains, PCI being one of them, it is still somewhat of agray area where theres not a whole lot of understanding of what that is, whether its from the standards council standpoint or whether it is from the auditors standpoint, he said. What we are looking to do is reallyarticulate more clearly what first of all virtualization as an architecture and an infrastructure can enable and how compliance auditors as well as rule-makers need to be thinking about that.

He added that technologies VMware is working on can have a sharp influence on compliance and enforcement, such as the VMsafe API.

So thats kind of the driving force behind doing thistheir version 1.2 of the [regulation] for example still doesnt really talk about virtualization, so the hope is that through closer engagement and by working with them as part of the council we will be able to bring more awareness to that as we go forward, Ayyar said.

As a member of the council, VMware will have access to the latest payment card security standards from the council and be able to provide feedback.

The PCI Security Standards Council is committed to helping everyone involved in the payment chain protect consumer payment data, said Bob Russo, general manager of the PCI Security Standards Council, in a statement. By participating in the standards setting process, VMware demonstrates it is playing an active part in this important end goal.





  Reader Comments: VMware Takes Virtualization Discussions into Realm of PCI Compliance
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Brian Prince
 


x}is㶲*Qމg5E=RJؖgRJEĘ"yHKΟ_n?~M -yLO-`hFw?H9sur&56%3E]"I{#(p,IfA)v@{iFuۚ8͂ApTwd>J`OS;S-)&ӰY |+[3}BF\3b ^Qk$Ё_MMJDDRzGEQݓ-Dm:]'w*GUFn3pa_ʞy5ExLԤ#|xB'gxdY (ƻfՉziZgdd vuiz]],s&,U+M ͻS P2zhN4,2Y˲nMwͰ-P6MTZ]QJr╻]`[BUzEÝ|c4;~)UUq޿^H #[wn5ZIkTwzɀ\>uɣ59N.N7߈ QR"jt0KQI 1u$/@Bs>o VQWB-r)ځVR\FZV@`F`%pbQUrgSKbй;d9:=vN|bPk5Mz"1h ؕ 3Fz 'ϗ݋uqSGR}Bg#j`BcYqeUo~vO|g6~l M u ôW+ I-qhC!u{D ,_dxpL~9CJ ݖEL_*D\KŗG)LY4C! ,6ɌcPu t:C|sNFZRĿ"E/jY[6'jdamI՘iS_dxeޡ:I=x9&E;~}T364>H ,H!eݴ%g榣V61W*P\?(ËJCU~^q-Aqj2B c=&M:vXy8`;}FwgԴHwӈ<: M/C˥uj1@ L^a ;pw>-Fv9s{Q {>0iCkFY`GI l"&qsк`&o@Z@[3aP#[ѽk:Fz?A6 =2/?>fCxwݐ] cRRR$S !hI#r B!,`@n%` [AX ar Tt@Gҙ;qjr_)hJ9cb -x[b}ILgF2+ɨɬaX91yMf#T`"[ᛥLKak`Dݘ,MkT逦 2,X<}=˚pn&i [NHu0jHB\UGeyLg9@߽h7,kRmA 9g)Eu5>T1n,S˘ \ >eB#`9{M?g[,:rǸ!W.qМwaM_ȣ~|XÈI/uO'ܑm˹JoBo*څP_.dI_fMblȜu>I!VB17OD)wz@aeXd|re{RՌ{`ELE:a5=%ӻnR?ԝQƠ;BZSOs\':[[%7˺I8T*{ۥi]hk%Rd7Bɶ/^¢xmP2֡R$kϥӲ=6PCD62C 7(=u > XTM.v0>2ai[[zESZ2{5k憭l0!/Ȁ2n(进,9ق Yr>::\9{~g2]|:*Gt>JeכAc SO5,FfF-  o _%t1tJ/]aY8-- 'uaOhK3Wk3 $hD4e2f,4_\0-xJD%h\Rj&24Z(@Sy{2$u`m\>(gpFl`^|?CU^oVSxw"ZTlcCjvPVk7;zAq{ q@0DW׃ZfmY:4қ`>snA.,|pZENYO`s!AZNҎ@OeƆR1P^Cs2ܝ+(:H3 |jwVQ=/YQf#a "gc+0jנj@_Q>Y6i` :2 ~6f8f&af4Y[ ⦪ʾ_qW7g)|h#RL@ ` Kx{ZCA;fSx}p@l#RiMݜ5o"vyڀVIJYhQVh]-ۡqm(}^L:<?~˗Ӈޖlwn Aɴ:(vrekP˷bgf\R1ߦI39旉Q䑫VI d$fqNg0cp&v=[9,3?{J 52_=h=JF:ĝCݸ{/"wsԷлM{ls Gq3`3"mLt"#5Z*lZǐlb/n'WA4R΁MOT%0="c^.g}]٘y4>ʐihG2gdYrHUm{\ cw2|UL΋]qTYf)(@q g@fPV|o =$Ԅ7xpLaV*S7oA!RD#+#I UZI`w0DR*MgFssb~f.^+oR@/I6 \S.:;ld~G]ItuxpOJۧ>] y>1Aq3љ^;. vOqa^wԸGZ@MC~ǝ_INjc{~gi\dzLR(1>bt߫]=-co/݋6zv9D 2DH4z7QwŏEGJ:7]9 !Ϻ/Y G^9:봯OM1k&03hĢ<⑩s 3^z0L‴5),wuܹĂ Ӝ4"z?N3"nU8X;Z19ºUXHE`&|C(*tv}E9{B*q_?G2sY=6^SF(+bK"$DY \egǝU_f~ bt<~Ut"vPo9j ~_!c&o8~ Px,Vb:ntDzg{Nbp luYcr!F,-D3/pǻ"TS (zL-ӤNL)fTDіxi'y0:ƶ{8ꀒN9ӻ7lOޢm]nց39X)Lhsy2ؠ3%dBM[Blb%hղoeW!؉|@s`#Ė4'W@_9bc;;_cnkW4VLQwSg]q8;QLLECwv[/W<e,/S+*" ;yBmwQ$T0$fn\ wwvR ),1q]+i՟O&4@˂e 9p˖M`ylPZEc贳EكҷIuD9b!:K2jaԽr ׄHJZ9W8NymY첎EގmYKh'5XR1f}tRRVdQ+d dݦ~83Ir *+S.Lez5%z\NW/atڢIo!~#= ,BHl= $)蛯;MR)=M.ijEI >aB4_%v&-vZȗG]s[c @kD*I@[jrE*&Hl~vyp$$/$UDV⿇YҔ\af;|KII6}.޴[[x<K*ݑnoJOq>AKl&=ǔ+RT8q$O"$:c1$x^^YߒPUURj鄊:`x>ۃ D)qBH=e eeyT8ܴs]OQ_6_?df(hmV$WJʦ$W~=]AY&#il@:-\zϨI/aP\fHq?IR^!7"2kFb,nUZ'7ZiSB1FX^ :L3M4Ue#d0 dJopj~5VCom\ Z)eU_I~u%n q%+#[f`u{sc1҆7MtQ(Xm0؄&1T> KSV %)^j҉:\1]rJ VrXh=6c5%o1C%ѩq7777wjZ|q"^wmDX v>f8E9hc38wЙskA I0/p!"A$ D'+RYJaj= iHH';c~ ;;fmVjYk,Ż9I7Xh*0?'6BHtVz%v86޷J+:xd ԙtݾ1K6x'>Y`')_{= .@Z@mHpoVQQa鐰} @cJk1@w=m}}z|eL%^'#w7$K mL-zK%q׋tۑ]ǜvmmVxQ?oaWk1ɵcj-*q O:m{a.]Ѓx8Uq6srw}Z3-; ʘTjW-xcDzPQ SU9h̨4pLOݹmJhKH;%ﮟNU!ufי)B넽LSF z6~U" -K8ɥvk3(84"ڦ{Vawa+TA8t YzJ@g*Q븶;yKj{`D"P$ãOhkW%ѱsa ͯ~pzeZ^n^ V*xqKܲkFVH ]eV~#Ur5ss=&.⫽kM=%1ȕ[hx5wy#0_ w mvXoɏJk3"{A[o6௶aulau(^gj&/*qdE[Gm^)K*jhk;5tغ DO؆_?MZTˬkjEQ3 ƹ);{db,kVl1P2ծQTKop@aI` =EOaIv|wouv1c נ)8eQ2|ׂ^_F£>W- O *`ݵm{;pOf}S&Lm (h61]d\4瞏QN|ũܱExHl){Z}OL7U ~Z+ RgV(؛L~#; 'O#NcˡWǪ%chٱZǁ;%mT<^+ +^Q$ !J+xfs'>+uLg+vb"m7\%p+p|#RF̯q}%|#6M6XF]Q=@!Ǐ=0]LaרbF).o2N[#{㱅)òO׈1c½ DU<11t#PγjNT\OpY|XC3 L_~ĭR^+oR[ZS!_E_faYFoɀ cNqt'7%eZS[ٓG8@`m¼DRSx% &d.41q9s5h< roEVIv# ,@E슍Bc_" p:םv\tgsG@F;Gym!:y;gq EcFY$*uH ]\W 3k:*|e1uA[4 к|U?|9[CG)W9$#X\+ aE1p4*pgj9&U KdkL 2@: xE ? W>nr[@r!-L~3ۈ 00tkXaϙFLN1}F݅KŇSȧ^1r T-#@a=Q#3)- 9r_A(HU, vqY@y#DL͂zĂ![C1P?Rfjs# a/xSa 3 s``EPf00a|Ln?gAؼO^F#@ 3+f)u n9 :jeOLg>򽉑{:yXRBj@̔0(ˏIJ qXZ~DB(s 6Jkc 7úޛZF #~aP8\  +z+uT'I]WP)q!xW`ǪZIUWt'0x4nV?>.4%WPRh 4 V cvFCd2=`frLufIڗgIUCGWAwA;gk<m[4z?V9>]~>^t.BAc~lL_dj(,Ǜ,# rr>0;eNq*gM B*r<>Z>ZNAw|vuQ#̑:jS#uRBjs@1@C|uw)"z_m99B9WP~ )Ay/)}pp)?'Pq}i:/Zr_7^C9/>s?Cg,>hys~s{993>3 @/?}}̡OP))g|rw y@9{ _ wCi]'I9z9|־ą۩aNy:̡JE5ৼrXB]7V=ןbMexG,D<mcLkbžȁ)1 %YØ/ܻGzʉnS' /\2A4̎slOAprmv+}s`ćax&ʘݧӚ޴#8ŭxg?9/ydֺWWVVlNA6KֈE>Yݩ7 xЧx.؅ oBgUCT,lKeB'hZc(+"D794\9GqbB]Q[tC=ӯ.h ;םCö0I |$U˚VVk[*j]N{Zc=bUUEVrp` VUr `"! *s>P`24UF` Ԋz!J1 4`֭tK_c(wp E Ч /Jv̦H˘E͛YȌ)æʗᄽNگ$` }pLB Pkgq =q] XI5<ZA0b{z ?`-kD2ydpc l$4ǭa&r6oA8Xh -xQ$O?gb֖ |Tu/ \=Ip*WYŲn#Ã& O6Df[ Nؒ1&QSRۨWY)""9<20wHj PZcV}#"0 ۏVӄ.aN+.I$0y.6HǤe @ ޙnǍKטa5sp$Әv͘"񫻟\6SbR m :o1M55~ɡL( V1 kEF(l#Bx*$]vu$$}9= zLgVߜRs7QH墲;нM !W,){+1¢_JdԦu"v/Iߵ9Uw"6[W ^{3D3$ƨz<zH :"VF6V3v,=G[g_5 B<{&3@ gQlVxRD-]szlo0) KlClPvUSLTx/ē_| Њ3g`$7ϒΌLT zZ= v,8%^z'{io=G}c_VeńK!:F1HyU_wD.M%Cb9G$]! ""_S aKl`B`t0)pWS?+"xre뼟˖; Mq VFp)hEN<}}<٢uK ğ?X \ cwHV&(bzUu Ыr!9|d@ooM]-1ee|nHJUƧf2{גG:Ζ$_)0uoAsM> /A.sl2q3f<3@WD0;"67Ys.#sEX,8/ kufw);#[r(c<[^Eҵ<oc3?[<-v; # +_2sE>v/-yJ~Q.u 7tle @J]  >m73T| %` GYU`Kv#q얢UnD9)z0 \M萻kÔpaif#3S{3 ;߂ ixv4u.)ZByһH'}RI>Q}v4:~vډ.3Jbq')tߟWzW XٺqKG_>^KQEy遢%!;Y B*Ew>>^OWzv S&ȕ/2f#oUAYfSժZ-Nj~ӷۊ#iQf8&rYOJ^R۝wz"f/F)SذM*i29J{) qU˕bmTɩqrlǝlr n!%c]&ŮMvbek/*