11-19-13 | Blog Post
If you missed the webinar panel discussion on managing emerging PCI security risks in the cloud with Brightfly, PCI Security Standards Council, Online Tech, and Catbird , you can now view the recording online. The panel discussed the role cloud service providers play in protecting cardholder data and the security issues involved. With Bob Russo from the PCI SSC (Payment Card Industry Security Standards Council) and Jason Yaeger of Online Tech, PCI Compliant Hosting provider, the webinar shares regulatory and technical perspectives to guide the development of a PCI compliant cloud.
Webinar description: Organizations outsourcing card data to the cloud face significant security risks. As soon as an organization adds other players to the offsite card-management mix, ensuring compliance with the PCI Data Security Standard becomes increasingly challenging. Cloud users and cloud service providers need to understand what their roles and responsibilities are when it comes to protecting this data. Storing, processing and transmitting cardholder data in the cloud brings the cloud environment into scope for PCI DSS.
For further guidance, read our PCI Compliant Hosting white paper.
It discusses the impact of the PCI DSS standard on data centers and server infrastructure, describes the architecture of a PCI compliant data center both technically and contractually, and outlines the benefits and risks of data center outsourcing, and vendor selection criteria.
Jason Yaeger, Risk Management & Security Officer, Online Tech
Jason Yaeger is Online Tech’s Risk Management and Security Officer. In his four years at Online Tech, Jason has guided the company through successful completion of many audits, including SAS 70 Type I, SAS 70 Type II, SSAE 16, SOC 2, Safe Harbor, HIPAA, and PCI.
In addition to overseeing operations across all of Online Tech’s data centers, Jason is also the Vice President of the Southeast Michigan Chapter of 7×24 Exchange. Prior to Online Tech, Jason was Director of Internet Operations at 20/20 Communications where he spent 8 years developing the company’s wireless and internet initiatives.
About the Author
April Sage has been involved in the IT industry for over two decades, founding first a technology vocational program, and secondly a bioinformatics company supporting the pharmaceutical industry in the development of research portals, drug discovery search engines, and other software systems. Currently, April is the Director Healthcare IT for Online Tech, focusing on HIT thought leadership and the impact of HIPAA/HITECH policy on IT infrastructure and systems. April holds a BGS from the University of Michigan, and is currently a member of the University of Michigan’s inaugural 2014 Masters Health Informatics cohort.