PCI Compliance in the Cloud

Peter : On Rad's Radar?
Peter
| Peter Radizeski of RAD-INFO, Inc. talking telecom, Cloud, VoIP, CLEC, and The Channel.

PCI Compliance in the Cloud

On this blog, the author posts a reply from Amazon about the level of PCI Security of EC2 and Amazone Web Services. 

As for PCI level 2 compliance, that requires external scanning via a 3rd party, PCI-approved vendor. It is possible for you to build a PCI level 2 compliant app in our AWS cloud using EC2 and S3, but you cannot achieve level 1 compliance. And you have to provide the appropriate encryption mechanisms and key management processes.

What strikes me as funny is that PCI Compliance is confusing enough without adding the cloud to it. Also, data security is almost a misnomer with the number of breaches that professional cyber-criminals perpetrate almost weekly. Cloud or no cloud, security is breached. 

I guess its like spam: we'll always have it. And unlike PGP encryption: hardly used at all.


Related Articles to 'PCI Compliance in the Cloud'
earthlink
dropped.jpg
Drucker-measure.png
cpz_191739.jpg

Featured Events