Dear All,
Good day, trust you are fine.
I need you to kindly shed more light on an issue for me. I am currently on a PCI DSSv3 project for a data co-loaction service provider. The scope is the data center (tier 4). In this DC, there are 750 racks, in each rack are servers where the data is stored. Some server stores information containing CHD, some do not but all racks are in the tier 4 DC which is the scope like I said.
This company is ONLY responsible for providing the rack, power, cooling, IP addresses(internal and external) etc. in the DC while the client is responsible for the servers(hardware and software) and the internet link(which is vendor independent).
This client wants be to PCI DSS compliance as the do data co-location for some banks.
Kindly assist on how to ensure this client meets the Requirements 2,3,4,5,6,10 & 11.5.
Thanks in advance.