Re: Cloud Computing and PCI Compliance
Re: Cloud Computing and PCI Compliance
- Subject: Re: Cloud Computing and PCI Compliance
- From: Miguel Arroz <email@hidden>
- Date: Sat, 21 Aug 2010 22:15:58 +0100
| Hi!
PCI compliance is way more complex than simply passing the port-scan and automated tests. I don't recall all the details, but you have to answer a self-assessement form, and in that form I think they ask some stuff that can't be answered "Yes" if you are using Amazon (or any other cloud service).
On the other hand, some of those questions have a very vague interpretation, and others are just plain stupid (like asking if you have an anti-virus installed on all your company computers, or asking if you have a proper configured firewall, whatever that means). I'm not defending PCI here, just saying you can get burned.
Yours
Miguel Arroz On 2010/08/21, at 18:59, Simon wrote: i'm not sure what the big deal is (although i haven't read the article you linked to). we passed pci compliance with flying colours hosted on the amazon cloud.
simon
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden