SQL Server 2008 for PCI

  • Hello Experts

    We have SS2005 and we use rackspace(http://www.rackspace.com/index.php) to house some sensitive data like CC numbers n SSNs. I was wondering if moving to SS2008 would be a wise option. Can we do what rackspace does , if we get a SS2008 license, If not wat else we need to be independent of rackspace. Please suggest.

    [font="Verdana"]
    Today is the tomorrow you worried about yesterday:-)
    [/font]

  • A lot depends on the level of PCI compliance you are seeking to maintain and your auditor.

    We had a stickler for an auditor and we maintained PCI compliance (highest level) by using SQL 2005. You can use the encryption options in SQL Server for the data. You would need to use a certificate (master key etc) and that should be generated by a different server and imported. You also need to back that up on a regular basis.

    Jason...AKA CirqueDeSQLeil
    _______________________________________________
    I have given a name to my pain...MCM SQL Server, MVP
    SQL RNNR
    Posting Performance Based Questions - Gail Shaw[/url]
    Learn Extended Events

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply