Join Newsletter
Trusted Business Advisors, Expert Technology Analysts

Taneja Blog

Taneja Blog / Cloud

A Major Cloud Milestone: Payment Data Security Reference Architecture

If you follow the Payment Card Industry (PCI) Data Security Standard (DSS), you know how important compliance is. You also know that until last month, PCI DSS gave no specific guidance for either virtualization or cloud computing. As always, it takes some time for the standard to catch up with new technology platforms, and the delay has certainly slowed the penetration of virtualization in applications and data stores that contain customer payment card information.

With the release of PCI DSS version 2.0, virtualized IT resources (hypervisors, machines, switches, routers, appliances, desktops, etc.) are now included in the ‘System Components’ that can be made compliant. However, as with all standards, customers will still need rock-solid guidance from the vendor community before they feel comfortable that their deployment of any specific virtualized resource is in compliance.

Rising to the challenge very quickly, a consortium of security leaders has just issued a PCI-Compliant Cloud Reference Architecture, which is a great read whether you are responsible for cardholder data or just want to understand the issue in more detail. Good friends of mine at HyTrust and VMware worked with Cisco, Savvis and Coalfire on the document, and I encourage you to explore how these vendors are leading the way to a more secure, reliable, and manageable cloud.

  • Premiered: 11/10/10
  • Author: Taneja Group
Topic(s): Cisco Cloud Computing HyTrust Security Virtualization VMWare


There are no comments to display. Scroll down to leave your own!


Leave a Comment

You must be logged in to comment. Click here to log in or register if you don't have an account.