PCI SSC Releases Scoping and Segmentation Guidance

February 1, 2017 KATE DONOFRIO

As we all were working hard, with holiday vacations and a new year in our reach, the PCI SSC released a guidance document that has been long awaited. The Guidance on Scoping and Segmentation was released to all December 2016.

The guidance includes a lot of great clarifications on scope. For instance, they finally ended the age-old argument of whether a jump server, or anything else for that matter, could descope the administrator workstation/laptop. By the way the answer to that question appears definitively to be NO.

As with most guidance, it has also created a lot of unanswered questions. In my opinion, the best thing so far the guidance has accomplished is that it has provoked a lot of great conversations on scoping and has companies thinking about security. I highly suggest giving it a read and sharing it with your teams.

For more information on the new guidance and scoping scenarios, you can join Jacob Ansari on our free webinar: WEBINAR - Determining Scope for PCI DSS Compliance

Previous Article
PCI: What Are The Benefits of a PCI Assessment?
PCI: What Are The Benefits of a PCI Assessment?

What Are The Benefits of a PCI Assessment?  

Next Article
PCI Risk Assessments – Why Is It Important?
PCI Risk Assessments – Why Is It Important?

The goal of PCI DSS is to reduce the risk of credit card breaches. That, however, is a broad statement inte...