I had a customer ask me if they can setup an LLC to reduce PCI scope for a specific product. I told them that the issue is shared resources (people, processes, and technology) and that the work to setup and isolate network, people roles, process for this would be significant. My answer is really make all PCI DSS scoped product environments compliant. Can someone provide some thoughts on my approach?
Free Guide: Managing storage for virtual environments
Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!