PCI compliance

I am trying to navigate the self assessment questionnaire D and the requirements to become compliant for PCI.  I have read about the segmentation of a network to keep any systems that transfer, process or store card data as separate from other systems as possible...

I was just curious if any of you experts have had any experience doing this and what you actually did to meet the needs of PCI compliance.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
I do a bit of this in work for my company presently it involves so many things how can we begin a discussion. Here are just some!

Company wireless not accessible by the lan.
Transaction interacting or data holding servers which you mention being on different subnets.
Computers and servers being 100% up to date with AV that runs on access scanning, all client computers with all windows updates and servers too but be careful with your important servers.
very strict firewall policies lan to wan and wan to lan.

Its just so over the top everything and anything really, I would outsource the payments side of it anyway or at least be operating in conjunction with a 3rd party on it.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
IKtechAuthor Commented:
I am looking at using a third party to hold all card holder data to make this process a little easier...  It seems the company that we already use for virtual terminal CC processing has a few solutions that will simplify the PCI process...  Thanks!!!
IKtechAuthor Commented:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.