VMware Takes Virtualization Discussions into Realm of PCI Compliance
Cybersecurity
SHARE
Facebook X Pinterest WhatsApp

VMware Takes Virtualization Discussions into Realm of PCI Compliance

Written By
Brian Prince
Brian Prince
Nov 12, 2008
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

The honeymoon may soon be over for any retailers that have not extended attention to the Payment Card Industry Data Security Standard to their virtual environments.

VMware announced today it has joined the PCI Security Standards Council in a bid to include specifics related to virtualization into the Payment Card Industry Data Security Standard (PCI DSS), as well as spread awareness of how the technology can help enhance security and compliance.

It’s no secret that virtualization is spreading among businesses. Despite its growth, however, there is still nothing in the PCI standard that specifically mentions virtual hosts and networks. On its own, VMware has sought to bridge that gap by disseminating information through its VMware Compliance Center via whitepapers and podcasts, which can be downloaded here.

The lack of guidance in the regulation itself has led to confusion among merchants, explained Shekar Ayyar, vice president of infrastructure alliances at VMware.

“When it comes to compliance-related domains, PCI being one of them, it is still somewhat of a…gray area where there’s not a whole lot of understanding of what that is, whether it’s from the standards council standpoint or whether it is from the auditor’s standpoint,” he said. “What we are looking to do is really…articulate more clearly what first of all virtualization as an architecture and an infrastructure can enable and how compliance auditors as well as rule-makers need to be thinking about that.”

He added that technologies VMware is working on can have a sharp influence on compliance and enforcement, such as the VMsafe API.

“So that’s kind of the driving force behind doing this…their version 1.2 of the [regulation] for example still doesn’t really talk about virtualization, so the hope is that through closer engagement and by working with them as part of the council we will be able to bring more awareness to that as we go forward,” Ayyar said.

As a member of the council, VMware will have access to the latest payment card security standards from the council and be able to provide feedback.

“The PCI Security Standards Council is committed to helping everyone involved in the payment chain protect consumer payment data,” said Bob Russo, general manager of the PCI Security Standards Council, in a statement. “By participating in the standards setting process, VMware demonstrates it is playing an active part in this important end goal.”
Brian Prince
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information