PCI Council releases guidelines for cloud compliance

By Thor Olavsrud , CIO |  Data Protection, PCI council

  • Cloud overview. The supplement provides an explanation of common deployment and service models for cloud environments, including how implementations may vary within the different types.
  • Cloud provider/cloud customer relationships. The supplement outlines different roles and responsibilities across different cloud models and provides guidance on determining and documenting the responsibilities.
  • PCI DSS considerations. The supplement provides guidance and examples to help organizations determine responsibilities for individual PCI DSS requirements, including segmentation and scoping considerations.
  • PCI DSS compliance challenges. The supplement describes some of the challenges associated with validating PCI DSS compliance in a cloud environment.

In addition, PCI SSC says the document also includes a number of appendices that address specific PCI DSS requirements and implementation scenarios, including additional considerations to help determine PCI DSS responsibilities across different cloud service models; sample system inventory for cloud computing environments; a sample matrix for documenting how PCI DSS responsibilities are assigned between the cloud provider and client; and a starting set of questions that can help determine how PCI DSS requirements can be me in a particular cloud environment.

Thor Olavsrud covers IT Security, Big Data, Open Source, Microsoft Tools and Servers for CIO.com. Follow Thor on Twitter @ThorOlavsrud. Follow everything from CIO.com on Twitter @CIOonline and on Facebook. Email Thor at tolavsrud@cio.com

Read more about compliance in CIO's Compliance Drilldown.


Originally published on CIO |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness