Archive for November 7th, 2018

07
Nov
18

One Last Time On Disaster Recovery

By PCIGuru Leave a Comment
Categories: Requirement 3 - Protect stored cardholder data and Requirement 4 - Encrypt transmission of cardholder data

I have written three posts on this topic, yet it still comes up.

Here are the Cliff Notes from those posts.

Hot sites are always in scope for PCI compliance because they can support failover on demand.

Cold sites are never in scope for PCI compliance because there is nothing there that would be in scope.

Warm sites are only in scope if they have cardholder data (CHD) processed, stored or transmitted from that site.

There are nuances with all of this, so if you want more information, read the three posts.

Advertisement

Welcome to the PCI Guru blog. The PCI Guru reserves the right to censor comments as they see fit. Sales people beware! This is not a place to push your goods and services.

November 2018
M T W T F S S
 1234
567891011
12131415161718
19202122232425
2627282930