Subject: | |
From: | |
Reply To: | |
Date: | Tue, 8 Apr 2014 22:05:45 -0700 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
>> On Apr 8, 2014 11:32 PM, "ToddAndMargo" <[log in to unmask]
>> <mailto:[log in to unmask]>> wrote:
>>
>> On 04/08/2014 08:25 PM, Paul Robert Marino wrote:
>>
>> Well frankly if you need PCI-DSS compliance pay for RHEL. Its
>> honestly
>> not that expensive for the few systems that really require it.
>> Only the
>> system's that handle credit cards supposedly require it and in most
>> ecommerce companies that's probably 2 to 4 system's so what's the
>> problem wit paying $750 a year each for those few systems to not
>> have to
>> deal with the problems and giving the stock investors a warm and
>> fuzzy
>> feeling. Your time spent on it costs them more money and ti
>> reduces all
>> the stress on every one if you buy compliance on the cheap.
>>
>>
>> Hi Paul,
>>
>> Is SL not PCI compliant because it is not a commercial
>> effort? I thought SL got all the patches the RHEL
>> got? Please elucidate.
>>
>> Oh, and it is a sole proprietor and CHEAP doesn't
>> begin to describe him. (Nice guy though.)
>>
>> Many thanks,
>> -T
>>
On 04/08/2014 09:24 PM, Jamie Duncan wrote:
> PCI compliance is a lot more than just the code. Red Hat goes through
> multiple processes with these governing bodies to certify RHEL. That
> doesn't pass down to downstream distributions.
>
Hi Jamie,
Yikes. That I did not realize. Thank you for the
heads up!
-T
|
|
|