Cloud computing is changing the way many organizations conduct business. Companies that implement smart cloud solutions can enjoy tremendous benefits in the organization and productivity of their operations. Cloud computing promotes the use of modern technology such as mobile devices because it allows for individuals to share and access pertinent data and content from a multitude of devices. That's why many vendors are implementing cloud computing systems to help with payment processing.
However, as the cloud is still a relatively new entity, there are several questions raised by its doubters - most of them pertaining to security. PCI compliance is still crucial in the payments industry, and merchants cannot afford to compromise their customers' sensitive data by storing it in an unstable cloud environment.
The Payment Card Industry Security Standards Council (PCI SSC) recently published guidelines as to how merchants can remain PCI compliant while using the cloud to store information.
Chris Brenton, director of security at CloudPassage and a member of the PCI group that transcribed the guidelines, told CSO.com that such rules were essential, because many vendors didn't have a full understanding as to how data could be compromised from a cloud environment.
"As folks move into the cloud, they think they are getting a little bit of a get out of jail card and they can just say, 'the cloud provider will take care of all that,'" Brenton said. "One of the things this guidance is very clear on is no, you will always have some level for making sure that credit-card information stays secure."
There is, however, no such thing as a perfectly secure cloud system, at least not right now. That's why it's important for vendors to implement solutions designed to ensure data security such as tokenization. However, working with a B2B payments consultant can help merchants going forward better understand cloud operation requirements.