PCI Compliance and Cloud Reference Architecture
A Best Practices Discussion with Authors

Moderator: Hemma Prafullchandra, HyTrust
Panelists:
• George Gerchow, VMware
• Christian Janoff, Cisco
• Allan MacPhee, Trend Micro
• Kennet Westby, Coalfire
• Ken Owens, Savvis

© HyTrust, Inc. All rights reserved. 1975 W. El Camino Real, Suite 203, Mountain View, CA 94040. Phone: 650-681-8100 / email: info@hytrust.com

Speakers

• Hemma Prafullchandra, CTO/SVP Products, HyTrust
• George Gerchow, Director, VMware Center for Policy and Compliance, VMware
• Allan MacPhee, Senior Product Manager, Trend Micro
• Ken Owens, Vice President of Security & Virtualization Technologies, Savvis
• Kennet Westby, CEO, Coalfire
• Christian Janoff, Industry Enterprise Architect, Cisco

Hemma Prafullchandra

• Founded in Fall 2007 and headquartered in Mountain View, CA.
• Venture backed by Cisco, Epic, Granite, and Trident, with strategic partners including VMware, CA, Cisco, Symantec, Intel, and VCE.
• HyTrust provides centralized control for virtual infrastructure, administrative access, policy management, and compliance.
• The HyTrust product addresses multiple requirements set forth in PCI, as outlined in the reference architecture document (will be emailed after the webinar).
• HyTrust serves as co-leader in the development and organization of the PCI Cloud Reference Architecture team and content.

George Gerchow
About VMware

VMware, the virtualization and cloud infrastructure leader, delivers the most customer-proven, reliable, secure and complete platform to build the enterprise cloud.

VMware has more than 250,000 customers, including 99% of the Fortune 1000 and 97% of the Fortune Global 500.

VMware customers have experienced unmatched results with VMware solutions:
• Financial: 50-60% CapEx savings
• Human: Average of 33 percent cumulative time savings for day-to-day administrative activities
• Energy: Up to 80%, leveraging consolidation and distributed power management

Christian Janoff

• Christian Janoff
  - Vertical Solutions Architect at Cisco
  - Has led Cisco's participation on the PCI Security Standards Council since 2007 as a member of their Board of Advisors
• Cisco virtual technology
  - Virtual servers, switching, routing, firewalling and intrusion detection systems for public and private clouds
• For more information on Cisco and PCI: http://www.cisco.com/go/pci2.

Who is Savvis

[Figure: Savvis service portfolio across a Hosting Track and a Cloud Track. Axes: Reduced Opex; Standardization, Virtualization & Automation.]

• Savvis Symphony VPDC: Enterprise features, multi-tier QoS
• Savvis Symphony Open: Multi-tenant virtual infrastructure
• Savvis Symphony Dedicated: Dedicated, virtual infrastructure
• Utility Compute: Multi-tenant stateless Bladeframe
• Managed Hosting: Dedicated physical infrastructure
• Colocation: Enterprise-grade space & power service

Allan MacPhee

© 2011, HyTrust, Inc. www.hytrust.com

Kennet Westby

Audience Poll - Let's Get to Know Each Other

• How many are virtualizing or have virtualized cardholder data?
• How many of you are looking at cloud services?
• How many feel your QSA is comfortable with your virtualized environment?

Panel Discussion

What are the characteristics of a cloud that make PCI compliance difficult?

Can a shared cloud environment even be PCI compliant?

What does it mean when your cloud provider tells you that they are PCI certified?
• What areas should your cloud provider be responsible for?
• What are the key questions you should ask your cloud provider to understand the scope of PCI certification achieved?
• How does a merchant figure out what the shared responsibility split is in detail?

Panel Discussion

If my environment is already PCI compliant and I want to just extend a single tier to a public cloud, what should I be concerned about?

What is the best way to involve my QSA in these discussions?

What resources can I use to help me plan for and use cloud computing for my CDE?
• Policy, People, Process, Technology

Key Takeaways and Guidance

PCI Compliance in Virtualized Environments (on-premise)
• Virtualization increases the risk and complexity of PCI compliance; engage your QSA early to streamline the audit process
• Look beyond traditional security vendors for solutions that address virtualization-specific requirements (hypervisor/VM controls)
• View virtualization as an opportunity to improve your current processes (reporting, monitoring, inter-VM controls, etc.) and achieve objectives that you always wanted in physical environments but could not afford or were restricted by legacy infrastructure
• Embrace virtualization with a virtualization-by-default approach and build compliance into the default mode of operation

Key Takeaways and Guidance

PCI Compliance in the Cloud
• Compliance is possible, but it takes the right cloud provider
• Compliance is a shared responsibility; there is no magic bullet
  - Understand the details & scope of your cloud provider's PCI certification
  - Work with your QSA to create a strategy for addressing the remaining required PCI controls
• Cloud compliance requires elastic and automated VM security and persistence of machine data for audit and forensics
• Create a strategy for cloud compliance
  - Start with virtualized on-premise and dedicated hosting environments
  - Evolve and apply these controls to cloud environments

Additional Resources

• www.pcisecuritystandards.org
• www.coalfiresystems.com
• www.hytrust.com/pci
• www.savvis.net
• http://us.trendmicro.com/us/solutions/enterprise/security-solutions/compliance/
• http://www.vmware.com/solutions/datacenter/cloud-security-compliance/unified-framework.html
• www.cisco.com

Just Published: PCI-compliant Cloud Reference Architecture

Thank You




S24 – Virtualiza.on Security from the Auditor Perspec.ve
 
G12: Implementation to Business Value
G12: Implementation to Business ValueG12: Implementation to Business Value
G12: Implementation to Business Value
 
IBM X-Force 2010 Trend and Risk Report-March 2011
IBM X-Force 2010 Trend and Risk Report-March 2011IBM X-Force 2010 Trend and Risk Report-March 2011
IBM X-Force 2010 Trend and Risk Report-March 2011
 
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
 
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
 
HyTrust-FISMA Compliance in the Virtual Data Center
HyTrust-FISMA Compliance in the Virtual Data CenterHyTrust-FISMA Compliance in the Virtual Data Center
HyTrust-FISMA Compliance in the Virtual Data Center
 

Recently uploaded

Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 

Recently uploaded (20)

Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 

PCI Compliance and Cloud Reference Architecture

  • 1. PCI Compliance and Cloud Reference Architecture: A Best Practices Discussion with Authors
      - Moderator: Hemma Prafullchandra, HyTrust
      - Panelists: George Gerchow, VMware; Christian Janoff, Cisco; Allan MacPhee, Trend Micro; Kennet Westby, Coalfire; Ken Owens, Savvis
      - © HyTrust, Inc. All rights reserved. 1975 W. El Camino Real, Suite 203, Mountain View, CA 94040. Phone: 650-681-8100 / email: info@hytrust.com
  • 2. Speakers
      - Hemma Prafullchandra, CTO/SVP Products, HyTrust
      - George Gerchow, Director, VMware Center for Policy and Compliance, VMware
      - Allan MacPhee, Senior Product Manager, Trend Micro
      - Ken Owens, Vice President of Security & Virtualization Technologies, Savvis
      - Kennet Westby, CEO, Coalfire
      - Christian Janoff, Industry Enterprise Architect, Cisco
  • 3. Hemma Prafullchandra
      - Founded in Fall 2007 and headquartered in Mountain View, CA.
      - Venture backed by Cisco, Epic, Granite, and Trident, with strategic partners including VMware, CA, Cisco, Symantec, Intel, and VCE.
      - HyTrust provides centralized control for virtual infrastructure, administrative access, policy management, and compliance.
      - HyTrust product addresses multiple requirements set forth in PCI, outlined in the Reference Architecture doc (will be emailed after webinar).
      - HyTrust serves as co-leader in development and organization of the PCI Cloud Reference Architecture team and content.
  • 4. George Gerchow: About VMware
      VMware, the virtualization and cloud infrastructure leader, delivers the most customer-proven, reliable, secure and complete platform to build the enterprise cloud. VMware has more than 250,000 customers, including 99% of the Fortune 1000 and 97% of the Fortune Global 500. VMware customers have experienced unmatched results with VMware solutions.
      - Financial: 50-60% CapEx savings.
      - Human: Average of 33 percent cumulative time savings for day-to-day administrative activities.
      - Energy: Up to 80%, leveraging consolidation and distributed power management.
  • 5. Christian Janoff
      - Christian Janoff
          - Vertical Solutions Architect at Cisco
          - Has led Cisco's participation on the PCI Security Standards Council since 2007 as a member of their Board of Advisors
      - Cisco virtual technology
          - Virtual servers, switching, routing, firewalling and intrusion detection systems for public and private clouds
      - For more information on Cisco and PCI: http://www.cisco.com/go/pci2.
  • 6. Who is Savvis
      [Diagram: Savvis offerings across a Hosting Track and a Cloud Track, arranged along "Service Standardization, Virtualization & Automation" and "Reduced Opex".]
      - Colocation: Enterprise-Grade Space & Power
      - Managed Hosting: Dedicated physical infrastructure
      - Utility Compute: Multi-tenant Stateless Bladeframe
      - Savvis Symphony Dedicated: Dedicated, virtual infrastructure
      - Savvis Symphony Open: Multi-Tenant virtual infrastructure
      - Savvis Symphony VPDC: Enterprise features, multi-tier QoS
  • 7. Allan MacPhee © 2011, HyTrust, Inc. www.hytrust.com
  • 8. Kennet Westby
  • 9. Audience Poll - Let’s Get to Know Each Other
      - How many are virtualizing or have virtualized cardholder data?
      - How many of you are looking at cloud services?
      - How many feel your QSA is comfortable with your virtualized environment?
  • 10. Panel Discussion
      - What are the characteristics of a cloud that make PCI compliance difficult?
      - Can a shared cloud environment even be PCI compliant?
      - What does it mean when your cloud provider tells you that they are PCI certified?
          - What areas should your cloud provider be responsible for?
          - What are the key questions you should ask your cloud provider to understand the scope of PCI certification achieved?
          - How does a merchant figure out what the shared responsibility split is in detail?
  • 11. Panel Discussion
      - If my environment is already PCI compliant and I want to just extend a single tier to a public cloud, what should I be concerned about?
      - What is the best way to involve my QSA in these discussions?
      - What resources can I use to help me plan for and use cloud computing for my CDE?
          - Policy, People, Process, Technology
  • 12. Key Takeaways and Guidance: PCI Compliance in Virtualized environments (on-premise)
      - Virtualization increases the risk and complexity of PCI compliance; engage your QSA early to streamline the audit process.
      - Look beyond traditional security vendors for solutions that address virtualization-specific requirements (hypervisor/VM controls).
      - View virtualization as an opportunity to improve your current processes (i.e. reporting, monitoring, inter-VM controls, etc.) and achieve objectives that you always wanted in physical environments but could not afford or were restricted by legacy infrastructure.
      - Embrace virtualization with a virtualization-by-default approach and build compliance into the default mode of operation.
  • 13. Key Takeaways and Guidance: PCI Compliance in the Cloud
      - Compliance is possible, but it takes the right cloud provider.
      - Compliance is a shared responsibility; there is no magic bullet.
      - Understand the details & scope of your cloud provider’s PCI certification.
      - Work with your QSA to create a strategy for addressing the remaining required PCI controls.
      - Cloud compliance requires elastic and automated VM security and persistence of machine data for audit and forensics.
      - Create a strategy for Cloud compliance.
      - Start with virtualized on premise and dedicated hosting environments.
      - Evolve and apply these controls to cloud environments.
  • 14. Additional Resources
      - www.pcisecuritystandards.org
      - www.coalfiresystems.com
      - www.hytrust.com/pci
      - www.savvis.net
      - http://us.trendmicro.com/us/solutions/enterprise/security-solutions/compliance/
      - http://www.vmware.com/solutions/datacenter/cloud-security-compliance/unified-framework.html
      - www.cisco.com
      Just Published: PCI-compliant Cloud Reference Architecture
  • 15. Thank You