By Lynn Rohrer-Oracle on Apr 24, 2013
Check out Coalfire Systems new paper which provides guidance to IT professionals who are implementing Oracle Solaris 11 within their Cardholder Data Environment (CDE) and to the Qualified Security Assessor (QSA) assessing those environments.
The Payment Card Industry Data Security Standard (PCI DSS) applies to all organizations that store, process, or transmit cardholder data. This includes entities such as merchants, service providers, payment gateways, data centers, and outsourced service providers.
The Oracle Solaris 11 features highlighted in the paper specifically address PCI DSS compliance; however, the same basic tenets can be used for meeting other regulatory environment standards such as the Gramm–Leach–Bliley Act (GLBA), Sarbanes Oxley (SOX), the Health Insurance Portability and Accountability Act (HIPAA) and the Federal Information Security Management Act (FISMA).