On Apr 8, 2014 11:32 PM, "ToddAndMargo" <[email protected] <mailto:[email protected]>> wrote:On 04/08/2014 08:25 PM, Paul Robert Marino wrote: Well frankly if you need PCI-DSS compliance pay for RHEL. Its honestly not that expensive for the few systems that really require it. Only the system's that handle credit cards supposedly require it and in most ecommerce companies that's probably 2 to 4 system's so what's the problem wit paying $750 a year each for those few systems to not have to deal with the problems and giving the stock investors a warm and fuzzy feeling. Your time spent on it costs them more money and ti reduces all the stress on every one if you buy compliance on the cheap. Hi Paul, Is SL not PCI compliant because it is not a commercial effort? I thought SL got all the patches the RHEL got? Please elucidate. Oh, and it is a sole proprietor and CHEAP doesn't begin to describe him. (Nice guy though.) Many thanks, -T
On 04/08/2014 09:24 PM, Jamie Duncan wrote:
PCI compliance is a lot more than just the code. Red Hat goes through multiple processes with these governing bodies to certify RHEL. That doesn't pass down to downstream distributions.
Hi Jamie, Yikes. That I did not realize. Thank you for the heads up! -T
