Do Mainframes Get A Pass? standard
![](https://i0.wp.com/www.brandenwilliams.com/wp-content/uploads/2010/01/3776696694_74c6ed48ef_m.jpg?resize=150%2C150&ssl=1)
When I first started doing PCI DSS work under the then CISP and SDP standards, one of the biggest problems I ran into was what to do with one of those fancy mainframes. In this job, you see ALL manner of mainframes. I’ve seen super shiny, brand new z/OS multiplexes to aging, but functional Tandems to an OS/390 system that literally had no changes performed on it in more than two years. How does anti-virus apply to those again? I recently fielded a question about mainframes, and if they still “get a pass” when it comes to certain requirements like anti-virus (Req 5), and encryption (Req 3.4). As is with most of PCI DSS interpretation questions, it certainly depends on ...
Continue Reading