On Fri, May 25, 2012 at 11:27 PM, Ken godee ken@perfect-image.com wrote:
> Wow, seems like quite a lot.
> What "level" of PCI/DSS compliance are you going for?

I have to check this with the client. Credit card information will be encrypted and stored in the client's own db.

> The only other thing I might add....
> Are you hosting the hardware? If it's hosted elsewhere then the "facility" that's hosting the hardware needs to be PCI/DSS compliant.

The client will be hosting it on their own office premises (the physical security aspect is being handled by another vendor).
Thanks,
-- Arun Khan