• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Cloud Computing   »   PCI DSS may provide framework for cloud standards

PCI DSS may provide framework for cloud standards

  • Posted on:August 18, 2011
  • Posted in:Cloud Computing, Current News
  • Posted by:
    Trend Micro
0

Data security and compliance standards in the cloud have been hot topics lately, with several organizations emerging in recent years to establish best practices for the technology. But, according to one expert, a standard that may help cloud vendors enhance their security practices already exists.

In a recent interview with Infosecurity, NeoSpire senior director of client services and security Sean Bruton asserted that the PCI Data Security Standard could serve as a template for cloud computing security and virtualization standards.

Though the PCI DSS was originally designed to protect credit card information, the latest iteration of the standard also address data security challenges in the cloud and virtualized environments. This means cloud vendors could look to the PCI DSS to determine whether they are employing adequate data protection practices and determine whether such practices are compliant.

“The report on compliance is important to have … [because] if you are not getting a PCI compliance report from your vendor, you’re not going to know which of the areas you can depend upon them for compliance, or which ones are being left on your shoulders,” Bruton told the news provider.

The notion of data security compliance in the cloud is a tricky one, given that there is no government or industrial regulatory body governing the technology. While myriad standards exist that address data loss and the types of information an organization must maintain, how they relate to the cloud is unclear for the most part.

However, the PCI Council isn’t the only group looking to establish cloud standards. The Cloud Security Customer Council recently announced the approval of several working groups that will explore various issues in the cloud. This could eventually lead the CSCC to lay ground rules regarding the cloud’s interoperability and security.

Additionally, the Institute of Electronics and Electrical Engineers and the Open Data Center Alliance have both revealed separate plans to establish cloud standards as well.

Related posts:

  1. IEEE, others call for establishment of cloud standards
  2. Cloud standards may need direction
  3. Open Data Center Alliance: New standards are ‘catalyst for investment in cloud’
  4. CSA, ISO to establish cloud security standards

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Digital Transformation is Growing but May Be Insecure for Many
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.