The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, RetailFinancial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.

The Coalfire Blog

VMware releases PCI Solution Guide and it has good news for compliance-oriented buyers

June 22, 2012, Chris Lietz, Vice President, Marketing & Channels

Chris Lietz

This month VMware release an important document, the VMware Solution Guide for Payment Card Industry (PCI). It’s significant because it is the first document of its kind to map the PCI requirements – including those authored by the PCI SSC’s  Virtualization  SIG – to a commercially-available stack of virtualization solutions.  Weighing in at a hefty 184 pages, it contains both an easy-to-understand Executive Summary (pages 19 & 20) and  a set of “Applicability Matrices” (pages 21-183) that exhaustively map the company’s solutions with the PCI 2.0 requirements.

Overall, the Solution Guide contains good news for enterprises that want to deploy VMware solutions and maintain PCI compliance: VMware and its partners address approximately 70% of the PCI requirements.

As an auditor, Coalfire is pleased to see a major vendor like VMware provide such thoughtful and well-researched guidance to the market. We love the transparency, and we think it will help IT solution-buyers make smarter decisions and do a better job managing compliance.

At Coalfire, we are honored to be the IT Governance, Risk and Compliance (IT GRC) firm that VMware chose to work with on its report. Special commendation goes to Tom McAndrew, our EVP of Professional Services and to the entire Cloud and Virtualization team.  Our army of cloud and virtualization auditors are already the most trained and most experienced in the industry, and we look forward to helping our clients use this information to management compliance in an increasingly virtualized world.

<< Go Back

Blog post currently doesn't have any comments.

Post Topics