by pionar 3317 days ago
Wait, why was your client running a desktop OS in-scope?

Every PCI zone I've seen is just servers (Windows Server and Linux). Does the client store card data on desktop machines?

Generally, you'll have a locked-down portion of your infrastructure be PCI-compliant, and that's the only place card data is stored or entered. That reduces your scope and costs.