In addition to defining PCI cloud hosting providers’ roles and responsibilities when it comes to achieving compliance in conjunction with clients/merchants, the recently released PCI DSS Cloud Computing Guidelines from the PCI Security Standards Council, also covers a few examples of compliance challenges that may arise:
How can many of these challenges be overcome? By establishing complete transparency with your PCI cloud hosting provider. As I wrote about in Four Ways to Gain Transparency with PCI Hosting Providers, here are some ways you can ensure complete visibility:
Related Links:
Customer Privacy in Cloud Computing Contracts Key for PCI Compliance
On January 31, the Payment Card Industry Security Standards Council issued its new set of card data security guidelines for merchants and payment providers. The supplemental document addresses increasing risks to e-commerce environments and how online businesses should work with … Continue reading →
PCI Compliance Supplement Gives Tips For Merchants
Last month the Payment Card Industry Security Standards Council (PCI SSC) released their Information Supplement: PCI DSS E-Commerce Guidelines. These guidelines were focused on e-commerce merchants, and how to keep compliant whether outsourcing payment processing, keeping it in-house, or creating … Continue reading →
PCI Compliant Requirements & PCI Compliant Services Matrix
The PCI DSS (Payment Card Industry Data Security Standards) require the use of certain technical security services. Below is a matrix of the requirements paired with actual PCI compliant services that fulfill them. Click on each PCI compliant service to … Continue reading →
References:
PCI DSS Information Supplement: PCI DSS Cloud Computing Guidelines (PDF)
Looking for more information on PCI hosting requirements, recommendations, and the foundation of a secure PCI compliant data center?
Download our PCI Compliant Hosting white paper now for a complete guide to PCI hosting with IT vendors.
Still have questions? Contact us now. Find out more about our fully compliant, PCI hosting solutions, or submit a quote request for your project today.
Otava provides the secure, compliant hybrid cloud solutions demanded by service providers, channel partners and enterprise clients in compliance-sensitive industries. By actively aggregating best-of-breed cloud companies and investing in people, tools, and processes, Otava’s global footprint continues to expand. The company provides its customers in highly regulated disciplines with a clear path to transformation through its effective solutions and broad portfolio of hybrid cloud, data protection, disaster recovery, security and colocation services, all championed by an exceptional support team. Learn more at www.otava.com.