According to many security experts, achieving Payment Card Industry Data Security Standards (PCI DSS) in the cloud can prove difficult for many companies, while it needs to be a high priority.
In an article for Wired.com, Andrew Hey writes firms need to be thorough in their data protection practices, taking into account user applications, operating systems, databases, virtual infrastructure and other issues.
Those making guidelines have had to change policies to adhere to the cloud and its risks.
“The PCI SSC understands that its current guidance on securing servers in cloud environments is lacking – in fact, current guidance tends to lean more towards virtualization and not cloud specifically,” he writes. “As such, the PCI SSC has sponsored the creation of a cloud special interest group (SIG) to examine the use of cloud technologies.”
Examples of data breach can be seen in cases across the country. In one recent theft, customers at several Five Guys restaurant locations had their debit card information taken, charging $89,800 to victims’ accounts.Back To Blog