We are a small scale service provider to tenants of our buildings. We are working towards Service Provider PCI compliancy. Some unique situations have forced us to place switches in a tenants space in a lockable cabinet. From the PCI design guide, it just mentions turning off password recovery and encrypting passwords in the config. That's no problem and along with the lockable cabinet seems sufficient to protect unauthorized access to the switch.
I can't find clear statements if that is sufficient. I realize it's ultimatly up to a QSA, but I'd like to have things in good shape before one shows up.