PCI compliance can be achieved when cloud solutions are involved. In fact, it will be done more often as cloud computing continues to grown in popularity. But PCI compliant companies that are seeking to move their operations to the cloud should be aware of some challenges that they would not face otherwise.
Sys-Con Media blog contributor Gilad Parann-Nissany wrote recently that the cloud is fundamentally different from what many businesses have experienced thus far.
"Securing brick and mortar businesses was one thing, securing data centers and hardware was an added level, but securing the foggy boundaries of the cloud presents a new set of challenges," he wrote.
For example, hashing and encryption become important protection methods in the cloud. With these in place, an intruder will be prevented from reading encrypted data even if that person has accessed the data by evading other security measures.
It is also important to secure systems by keeping them up to date with the latest software patches, thus removing vulnerabilities in the system. Finally, access to the system should be limited to reduce the chance of a serious compromise in security. This could be done in several ways, either by rank or by job duty. Therefore, to prevent unauthorized users from seeing access keys, they should be kept encrypted
Merchants must make every effort to equip themselves with these features to offer their customers security and peace of mind. Vantage B2B can offer the solutions needed to provide this service and alleviate risks pertaining to the security of customer information.