Webinar with PCI SSC Discusses Emerging PCI Security Risks in the Cloud

Posted 11.1.13 by
wpadmin
Blog

Next Wednesday, Online Tech’s Director of Operations Jason Yaeger will be participating on a panel discussion with technical and administrative PCI DSS experts, including Bob Russo from the PCI Security Standards Council, to discuss the role that cloud service providers play in protecting cardholder data, as well as the security issues involved.

Title: Navigating PCI Security Mountains in the Cloud
Register: Sign Up on BrightTalk.com
Who: Brandon Dunlap, Brightfly, Inc.; Bob Russo, PCI SSC; Jason Yaeger, Director of Operations, Online Tech; Randal Asay, Catbird
When: November 6, 2013 @2PM ET
Descriptions: Organizations outsourcing card data to the cloud face significant security risks. As soon as an organization adds other players to the offsite card-management mix, ensuring compliance with the PCI Data Security Standard becomes increasingly challenging. Cloud users and cloud service providers need to understand what their roles and responsibilities are when it comes to protecting this data. Storing, processing and transmitting cardholder data in the cloud brings the cloud environment into scope for PCI DSS.

Organizations need to know where their data is at all times. A lot of cloud clients have limited or no control over cardholder data storage. Where’s the data being stored? Is it stored in multiple locations? These are all things that you have to take into consideration when you’re thinking about outsourcing to a cloud provider. Learn how to address PCI compliance challenges in the cloud and gain new insights on:

  • Emerging PCI security risks in the cloud
  • Processes for assessing risk when card data could potentially be stored in multiple locations
  • Recommendations for achieving PCI compliance across virtual environments
  • How to use a data-centric approach to reduce the cost and scope of PCI Compliance

Jason Yaeger, Risk Management & Security Officer, Online Tech

Jason YaegerJason Yaeger is Online Tech’s Risk Management and Security Officer. In his three years at Online Tech, Jason has guided the company through successful completion of many audits, including SAS 70 Type I, SAS 70 Type II, SSAE 16, SOC 2, HIPAA, and PCI.

In addition to overseeing operations across all of Online Tech’s data centers, Jason is also the Vice President of the Southeast Michigan Chapter of 7×24 Exchange. Prior to Online Tech, Jason was Director of Internet Operations at 20/20 Communications where he spent 8 years developing the company’s wireless and internet initiatives.


Find out more about PCI DSS in the cloud by reading:

PCI DSS V.3.0: Risk Assessment Frameworks for Ecommerce, Mobile & Cloud Computing
The PCI Security Standards Council recently issued a press release about anticipated changes to the PCI DSS (Payment Card Industry Data Security Standards) and PA-DSS (Payment Application Data Security Standard) as a preview for the changes in the third version … Continue reading →

Pairing Cloud Computing Benefits with Security and Compliance
The added business value of cloud computing is multi-faceted, as Online Tech’s co-CEO Mike Klein outlined in a previous article, The Six Benefits of Cloud Computing, which I’ll summarize here: Lower Costs Pooling of computing resources means better efficiency and … Continue reading →

About Otava

Otava provides the secure, compliant hybrid cloud solutions demanded by service providers, channel partners and enterprise clients in compliance-sensitive industries. By actively aggregating best-of-breed cloud companies and investing in people, tools, and processes, Otava’s global footprint continues to expand. The company provides its customers in highly regulated disciplines with a clear path to transformation through its effective solutions and broad portfolio of hybrid cloud, data protection, disaster recovery, security and colocation services, all championed by an exceptional support team. Learn more at www.otava.com.

Get started with Otava now!

  • This field is for validation purposes and should be left unchanged.