> > > Based on some other internet "research", a possible approach to deal with > this scenario might be building a hybrid cloud architecture having most of > the deployment in the could while having a separate secure webservices > application hosted physically and securely inhouse for storing the encrypted > cc records and processing the credit card transactions themselves. >
this is exactly our plan. when we're big enough to warrant level 1 we'll make use of amazon virtual private cloud to bridge out to an environment that can be PCI level 1. interestingly if you read the marketing material on VPC it pretty much describes what you have: "AmazonVPC enables enterprises to connect their existing infrastructure to a set of isolated AWS compute resources via a Virtual Private Network (VPN) connection, and to extend their existing management capabilities such as security services, firewalls, and intrusion detection systems to include their AWS resources" Simon
_______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com This email sent to [email protected]
