Many of you may be a little nervous about placing cardholder data in the “Cloud”. Don’t worry-this is a normal and welcomed concern. In February 2013, the PCI Security Standards Council released an Information Supplement titled PCI DSS Cloud Computing Guidelines. This supplement provides organizations guidance if they are going to be placing cardholder data in the “Cloud”.
Before you start this transition, there are many different factors that must be considered. Knowing the answers to the following questions will help tremendously.
- Is the data center where my cardholder data PCI compliant?
- What exactly does that mean?
- Does the datacenter follow the PCI DSS Cloud Computing Guidelines?
These are just a few of the questions that any company contemplating the transition to the cloud must ask.