PCI report clarifies cloud computing security risks, responsibilities

February 16, 2013 Off By David

Grazed from TechTarget. Author: Beth Pariseau.

Although a recent report on PCI DSS offering guidance on cloud computing has received some criticism, some experts say it clarifies cloud computing security risks and responsibilities, and could spur cloud adoption.

Opinions on the viability of achieving compliance with the Payment Card Industry Data Security Standard (PCI DSS) in cloud computing scenarios are mixed; however, Chris Brenton, director of security for CloudPassage and a member of the PCI Security Standards Council (PCI SSC) special interest group (SIG), said it’s possible — but not easy — with due diligence…

Brenton’s not only a participant in the SIG, he’s also a cloud computing client. His company, which manages system security and administration for customers, runs on Amazon Web Service’s (AWS) Infrastructure as a Service (IaaS). And since its software agents for monitoring and configuring devices like firewalls on customers’ servers may come in contact with PCI data, CloudPassage’s servers could also be considered in-scope under PCI DSS…

CategoryNews

Will cloud computing applications become the golden record for customer data?

State government panel considers cloud computing tax issue