CipherCloud Unveils its Proposed Steps to Realizing the PCI Cloud Data Security Standard

By David Gitonga

Since the start of the cloud computing revolution, security has always and most probably will continue to be one of the most crucial yet hard to attain and maintain aspects of the whole movement. To maintain the integrity of online data storage and transactions, there are sets of general guidelines that have been put in place by different organizations to serve as a benchmark for the development and deployment of cloud computing systems.

The latest to add to this helpful list is CipherCloud, a reputable member in cloud information protection. CipherCloud has revealed five steps aimed towards realizing PCI DSS compliance in the cloud. These guidelines sort of simplify and work in conjunction with the newly released PCI Council’s guidelines for organizations dealing with delicate data like cardholder information to ensure that nothing lands into the wrong hands during transit and while in storage.

While the PCI Security Standards Council (PCI SSC) vouches for joint efforts between customers and service providers, CipherCloud gives the actual actionable steps that lead to the implementation of the PCI SSC suggestions.

The steps CipherCloud outlines in its suggested guidelines cover cloud encryption of cardholder data, customer retention of encryption key control, key management, complete data sovereignty with legal compliance and restricting access to cardholder data on a need-to-know basis.

With the whole report expounding on how each of the above steps should be handled, it is a clear indicator that the client is wrong in assuming that service providers will take care of all the security needs of the stored data. It also emphasizes on PCI SSC suggestion, which calls for both the client and service provider to work hand-in-hand in data security management.

CipherCloud has therefore provided a solution to organizations that avoid cloud computing due to a lack of knowledge on what is required to stay safe. By splitting down the number of options cloud customers have in securing critical cardholder data (either by encrypting it before uploading or retaining it on on-premise data centers), CipherCloud offers customers simple applicable solutions to helping their service providers impose security on data.

These guidelines are timely saviors to firms that are either struggling to plug a mess created by insecure cloud computing approaches or giving those who stay away from the cloud a reason to jump onto the bandwagon. It is more of a systematic guide to implementing the ideas proposed by PCI SSC.

Edited by Allison Boccamazzo

MSPToday Contributing Writer

Related Articles

Telinta Enables ITSPs and MSPs to Easily Transition Customers to Teleworking

By: Erik Linask    4/8/2020

Telinta's Virtual Office solutions is helping service providers transitions their customers to teleworking amid the COVID-19 pandemic.

Read More

CoreDial CEO Alan Rihm Joins Cloud Communications Alliance Board

By: Erik Linask    4/6/2020

CoreDial CEO Alan Rihm brings 15 years off success in building channel-focused a UCaaS and CCaaS business to the Cloud Communications Alliance as a Bo…

Read More

New MSP Ascend Technologies Launches in the Midwest

By: Stefania Viscusi    4/2/2020

Managed service providers (MSPs) play an important role today as cloud technology and remote work are leading so many functions. In the mid-west regio…

Read More

netsapiens Releases Update to Unified Communications Platform to Enable Teleworking in a Snap

By: Erik Linask    4/2/2020

netsapiens has release the latest update to its SNAPsolutions UC&C platform to further enable MSPs and resellers to help businesses adopt remote worki…

Read More

Stellar Cyber Gets Additional Funding to Grow Its Security Business

By: Erik Linask    3/25/2020

AI-based security provider Stellar Cyber has extended its Series A funding with $7.1 million in new investment to grow its business and increase its p…

Read More