yeah, we've done a few of those self assement things, and we could answer yes to everything with amazon.
i guess there is some confusion about cloud computing rather than pci compliance. those questionnaires are all fussed about patching policies, root access, firewalls etc. with amazon you get all of that. it's not this big cloudy thing that you have zero control over.. Simon On 21 August 2010 22:15, Miguel Arroz <[email protected]> wrote: > Hi! > > PCI compliance is way more complex than simply passing the port-scan and > automated tests. I don't recall all the details, but you have to answer a > self-assessement form, and in that form I think they ask some stuff that > can't be answered "Yes" if you are using Amazon (or any other cloud > service). > > On the other hand, some of those questions have a very vague > interpretation, and others are just plain stupid (like asking if you have an > anti-virus installed on all your company computers, or asking if you have a > proper configured firewall, whatever that means). I'm not defending PCI > here, just saying you can get burned. > > Yours > > Miguel Arroz > > On 2010/08/21, at 18:59, Simon wrote: > > i'm not sure what the big deal is (although i haven't read the article you > linked to). we passed pci compliance with flying colours hosted on the > amazon cloud. > > simon > > > On 21 August 2010 17:45, Kieran Kelleher <[email protected]> wrote: > >> Has anyone had to set up a PCI Compliant deployment in the amazon cloud >> (or other could service)? Is it even feasible? This year old article throws >> doubt on full PCI compliance for cloud deployment...... >> >> >> http://www.itbusinessedge.com/cm/blogs/bentley/amazon-web-services-cant-offer-level-one-pci-compliance/?cs=34984 >> >> >> _______________________________________________ >> Do not post admin requests to the list. They will be ignored. >> Webobjects-dev mailing list ([email protected]) >> Help/Unsubscribe/Update your Subscription: >> >> http://lists.apple.com/mailman/options/webobjects-dev/simon%40potwells.co.uk >> >> This email sent to [email protected] >> > > _______________________________________________ > Do not post admin requests to the list. They will be ignored. > Webobjects-dev mailing list ([email protected]) > Help/Unsubscribe/Update your Subscription: > http://lists.apple.com/mailman/options/webobjects-dev/arroz%40guiamac.com > > This email sent to [email protected] > > > >
_______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com This email sent to [email protected]
