We need to be PCI compliant for some credit card processing we do. How do people do this in other shops?
How do you secure your SVN?
How do you secure your build server?
How does code get migrated from the developers to production?
+1
A:
This is all the process of PCI compliance.
Take a look at: http://www.keross.com/pci-dss-requirements-version-1.2.html
Typically, you'd hire an external security company who would help you through this process.
Noon Silk
2010-05-28 05:16:37
+1 for "hire an external security company". PCI compliance is not simple, and you'll probably need to be externally audited anyway if you want to handle credit card processing.
Dean Harding
2010-05-28 05:22:58