|
|
|
|
|
|
by orofino
5225 days ago
|
|
|
IANAL (or QSA) PCI doesn't specifically say anything about usage of a VPS. It does however speak about access to data. If you have encrypted credit card information, you'll be asked to list those that have access to the encrypted information, they encryption key, and the key encrypting key. Then you'll be asked to justify their access. I'm sure I could come up with with several other major violations, but this alone is severe enough that I can't envision a way that you'd pass a PCI audit. |
|
|