The Payment Card Industry Security Standards Council has released a set of guidelines for companies to ensure compliance with industry standards, Computerworld reports. The 39-page document describes how each of the 12 PCI security requirements can be applied in a virtual environment, the report states, and offers recommendations on how to stay compliant in the cloud, delineating between entities' and cloud vendors' responsibilities. "Consequently, the burden for providing proof of PCI DSS compliance for a cloud-based service falls heavily on the cloud provider," the document states. The guidance is the "best document that the PCI Security Standards Council has written to date," an independent PCI consultant said.
If you want to comment on this post, you need to login.