Hot off the press….Cisco ACI and PCI Compliance Scope Reduction: Verizon Audit, Assessment, and Attestation White Paper!

Every time customers use a credit card to make a purchase, they are trusting that the company they purchase from will keep their cardholder data safe. However, reports of data breaches at well-known organizations show that personal information can be compromised. That’s why compliance with industry regulations is so important.

Cisco® Application Centric Infrastructure (ACI) uniquely addresses the security needs of the next-generation data center. Instead of the traditional access controls, ACI uses an application-centric approach and policy-based operations model. ACI simplifies Payment Card Industry (PCI) compliance and reduces the risk of security breaches with dynamic workloads while maintaining policy and compliance.

Verizon assessed the PCI compliance posture of the Cisco ACI lab environment. The assessment included the ACI management GUI and ACI fabric (spine and leaf switches). Verizon concluded that ACI can be configured to meet PCI compliance requirements in a customer cardholder data environment.
Verizon also assessed the capability of ACI to provide segmentation for the purpose of isolating PCI system components. Verizon concluded that ACI meets or exceeds the capabilities of traditional segmentation approaches, which use routers and VLANs with explicit, specific access controls.

Read more at...