I did a (vendor) presentation at SHARE Atlanta on PCI DSS. If anyone is interested you can probably find it by searching PCI on the SHARE Atlanta Web site. If not, send me a private note and I will send you the PPT.
Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Tom Ambros Sent: Thursday, September 13, 2012 7:12 AM To: [email protected] Subject: PCI-DSS, sysplex implementation question. We are in the process of implementing the Payment Card Industry Data Security Standards and in an effort to cover everything and not be obliged to look at each instance in a one-off we are curious how other sysplex implementations were done. We would like to understand if we can approach this as virtually a single system image with the appropriate obfuscation, data and network access controls or if it gets more complicated than that. We're running a single zOS sysplex that hosts all our workload and we'd like to keep it that way. We've read the PCI-DSS standard documentation and were impressed by how much they leave open to interpretation and we have read the atsec doc on large system implementations. What has been the experience of the people here? Thank you for your help, maybe we can offer an idea or two of our own that might be useful. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
