07
Nov
18

One Last Time On Disaster Recovery

By PCIGuru Leave a Comment
Categories: Requirement 3 - Protect stored cardholder data and Requirement 4 - Encrypt transmission of cardholder data

I have written three posts on this topic, yet it still comes up.

Here are the Cliff Notes from those posts.

Hot sites are always in scope for PCI compliance because they can support failover on demand.

Cold sites are never in scope for PCI compliance because there is nothing there that would be in scope.

Warm sites are only in scope if they have cardholder data (CHD) processed, stored or transmitted from that site.

There are nuances with all of this, so if you want more information, read the three posts.

Advertisement

0 Responses to “One Last Time On Disaster Recovery”

Feed for this Entry Trackback Address

  1. Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

« PCI Council Advises On Approved PTS Devices
Service Provider To A Service Provider »

Welcome to the PCI Guru blog. The PCI Guru reserves the right to censor comments as they see fit. Sales people beware! This is not a place to push your goods and services.

November 2018
M T W T F S S
 1234
567891011
12131415161718
19202122232425
2627282930  

%d bloggers like this: