I am looking for some guidelines / experience when it comes to the requirements for a TSM server to backup client servers that handles PCI (Payment Card Industry) data. I have no experience in this area and the person pushing/guiding this has very little experience.
Besides the obvious of encrypting the backups from the user/client side, how do you handle things like making offsite copies (which are also encrypted) using tape? They are talking about setting up a new TSM server just to backup 12-PCI servers, on a separate, isolated network/subnet. When I mentioned that the tape drives used to make the offsite copies is managed by a different TSM server, which would have to communicate with this isolated TSM server (eventhough the data is transferred via fibre), they didn't think that would be acceptable so now we are looking to get another tape drive to dedicate to this isolated server. In my opinion, this is overkill. Your thoughts/wisdom? -- *Zoltan Forray* Spectrum Protect (p.k.a. TSM) Software & Hardware Administrator Xymon Monitor Administrator VMware Administrator (in training) Virginia Commonwealth University UCC/Office of Technology Services www.ucc.vcu.edu zfor...@vcu.edu - 804-828-4807 Don't be a phishing victim - VCU and other reputable organizations will never use email to request that you reply with your password, social security number or confidential personal information. For more details visit http://infosecurity.vcu.edu/phishing.html