[AusNOG] [SPAM] Re: Is CCTV a Necessity in a Data Centre?

Mark Andrews marka at isc.org
Mon Dec 3 10:22:15 EST 2012


In message <CAMtDJDKK6Ka3Hgv8Yx+tdo-yFLVGWEiJpt8rhAO_Pk78qRvPpA at mail.gmail.com>, "Joshua D'Alton" writes:
> 
> Given I replied to you originally thinking you were replying privately vs
> the list, I think it is obvious that the human element is really key, not
> things like CCTV ;P
> 
> Anyway, I'm sure CCTV is essential for things like PCI, to meet the BS red
> tape, but with regards to the OP post generally, so far we've only heard
> political/red-tape reasons.

No.  It is one method of meeting the standard.  The *old* standard
only had CCTV.

Mark

https://www.pcisecuritystandards.org/documents/pci_dss_v2.pdf

9.1.1 Use video cameras and/or access control mechanisms to monitor
individual physical access to sensitive areas. Review collected
data and correlate with other entries. Store for at least three
months, unless otherwise restricted by law.  Note: ―Sensitive areas‖
refers to any data center, server room or any area that houses
systems that store, process, or transmit cardholder data. This
excludes the areas where only point-of-sale terminals are present,
such as the cashier areas in a retail

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org



More information about the AusNOG mailing list