PCI Compliance and Cloud Reference Architecture
A Best Practices Discussion with Authors

Moderator:  Hemma Prafullchandra, HyTrust
Panelists:  George Gerchow, VMware
            Christian Janoff, Cisco
            Allan MacPhee, Trend Micro
            Kennet Westby, Coalfire
            Ken Owens, Savvis

© HyTrust, Inc. All rights reserved. 1975 W. El Camino Real, Suite 203, Mountain View, CA 94040. Phone: 650-681-8100 / email: info@hytrust.com
Speakers

  Hemma Prafullchandra, CTO/SVP Products, HyTrust
  George Gerchow, Director, VMware Center for Policy and Compliance, VMware
  Allan MacPhee, Senior Product Manager, Trend Micro
  Ken Owens, Vice President of Security & Virtualization Technologies, Savvis
  Kennet Westby, CEO, Coalfire
  Christian Janoff, Industry Enterprise Architect, Cisco
Hemma Prafullchandra

  Founded in fall 2007 and headquartered in Mountain View, CA.
  Venture-backed by Cisco, Epic, Granite, and Trident, with strategic
   partners including VMware, CA, Cisco, Symantec, Intel, and VCE.
  HyTrust provides centralized control for virtual infrastructure,
   administrative access, policy management, and compliance.
  The HyTrust product addresses multiple requirements set forth in PCI,
   as outlined in the reference architecture document (to be emailed after the webinar).
  HyTrust serves as co-leader in the development and organization of the PCI
   Cloud Reference Architecture team and content.




George Gerchow
About VMware

VMware, the virtualization and cloud infrastructure leader, delivers the
most customer-proven, reliable, secure and complete platform to build
the enterprise cloud.
VMware has more than 250,000 customers, including 99% of the
Fortune 1000 and 97% of the Fortune Global 500.
VMware customers have experienced unmatched results with VMware
solutions.
        •       Financial: 50-60% CapEx savings
        •       Human: Average of 33 percent cumulative time
                savings for day-to-day administrative activities.
        •       Energy: Up to 80%, leveraging consolidation and
                distributed power management.




Christian Janoff

  Christian Janoff
   Vertical Solutions Architect at Cisco

   Has led Cisco's participation on the PCI Security Standards Council since
    2007 as a member of their Board of Advisors

  Cisco virtual technology
   Virtual servers, switching, routing, firewalling and intrusion detection
    systems for public and private clouds



  For more information on Cisco and PCI:

                      http://www.cisco.com/go/pci2.




Who is Savvis

[Diagram: Savvis services arranged along a Hosting Track and a Cloud Track; axis labels: "Reduced Opex" and "Standardization, Virtualization & Automation"]

  Savvis Symphony VPDC: Enterprise features, multi-tier QoS
  Savvis Symphony Open: Multi-Tenant virtual infrastructure
  Savvis Symphony Dedicated: Dedicated, virtual infrastructure
  Utility Compute: Multi-tenant Stateless Bladeframe
  Managed Hosting: Dedicated physical infrastructure
  Colocation: Enterprise-Grade Space & Power Service
Allan MacPhee




© 2011, HyTrust, Inc. www.hytrust.com
Kennet Westby




Audience Poll - Let’s Get to Know Each Other

  How many are virtualizing or have virtualized cardholder data?
  How many of you are looking at cloud services?
  How many feel your QSA is comfortable with your virtualized
   environment?




Panel Discussion
What are the characteristics of a cloud that make PCI compliance
difficult?


Can a shared cloud environment even be PCI compliant?

What does it mean when your cloud provider tells you that they are PCI
certified?
   What areas should your cloud provider be responsible for?
   What are the key questions you should ask your cloud provider to
    understand the scope of PCI certification achieved?
   How does a merchant figure out what the shared responsibility split is in
    detail?




Panel Discussion
If my environment is already PCI compliant and I want to just extend a
single tier to a public cloud, what should I be concerned about?

What is the best way to involve my QSA in these discussions?

What resources can I use to help me plan for and use cloud computing
for my CDE?
  Policy, People, Process, Technology




Key Takeaways and Guidance

PCI Compliance in Virtualized Environments (on-premise)
  Virtualization increases the risk and complexity of PCI compliance;
   engage your QSA early to streamline the audit process

  Look beyond traditional security vendors for solutions that address
   virtualization-specific requirements (hypervisor/VM controls)

  View virtualization as an opportunity to improve your current
   processes (e.g. reporting, monitoring, inter-VM controls) and
   achieve objectives that you always wanted in physical environments
   but could not afford or were restricted by legacy infrastructure

  Embrace virtualization with a virtualization-by-default approach and
   build compliance into the default mode of operation




Key Takeaways and Guidance
PCI Compliance in the Cloud
 Compliance is possible, but it takes the right cloud provider
 Compliance is a shared responsibility; there is no magic bullet
   Understand the details & scope of your cloud provider’s PCI certification
   Work with your QSA to create a strategy for addressing the remaining
   required PCI controls

 Cloud compliance requires elastic and automated VM security
  and persistence of machine data for audit and forensics
 Create a strategy for cloud compliance
   Start with virtualized on-premise and dedicated hosting environments
   Evolve and apply these controls to cloud environments




Additional Resources

  www.pcisecuritystandards.org
  www.coalfiresystems.com
  www.hytrust.com/pci
  www.savvis.net
  http://us.trendmicro.com/us/solutions/enterprise/security-solutions/compliance/
  http://www.vmware.com/solutions/datacenter/cloud-security-compliance/unified-framework.html
  www.cisco.com

     Just Published: PCI-compliant Cloud Reference Architecture




Thank You
S24 – Virtualiza.on Security from the Auditor Perspec.ve
 
G12: Implementation to Business Value
G12: Implementation to Business ValueG12: Implementation to Business Value
G12: Implementation to Business Value
 
IBM X-Force 2010 Trend and Risk Report-March 2011
IBM X-Force 2010 Trend and Risk Report-March 2011IBM X-Force 2010 Trend and Risk Report-March 2011
IBM X-Force 2010 Trend and Risk Report-March 2011
 
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
 
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
 
HyTrust-FISMA Compliance in the Virtual Data Center
HyTrust-FISMA Compliance in the Virtual Data CenterHyTrust-FISMA Compliance in the Virtual Data Center
HyTrust-FISMA Compliance in the Virtual Data Center
 

Recently uploaded

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS:  6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS:  6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 

Recently uploaded (20)

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS:  6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS:  6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 

PCI Compliance and Cloud Reference Architecture

  • 1. PCI Compliance and Cloud Reference Architecture: A Best Practices Discussion with Authors
      Moderator: Hemma Prafullchandra, HyTrust
      Panelists:
      • George Gerchow, VMware
      • Christian Janoff, Cisco
      • Allan MacPhee, Trend Micro
      • Kennet Westby, Coalfire
      • Ken Owens, Savvis
      Brought to you by:
      © HyTrust, Inc. All rights reserved. 1975 W. El Camino Real, Suite 203, Mountain View, CA 94040. Phone: 650-681-8100 / email: info@hytrust.com
  • 2. Speakers
      • Hemma Prafullchandra, CTO/SVP Products, HyTrust
      • George Gerchow, Director, VMware Center for Policy and Compliance, VMware
      • Allan MacPhee, Senior Product Manager, Trend Micro
      • Ken Owens, Vice President of Security & Virtualization Technologies, Savvis
      • Kennet Westby, CEO, Coalfire
      • Christian Janoff, Industry Enterprise Architect, Cisco
  • 3. Hemma Prafullchandra
      • Founded in Fall 2007 and Headquartered in Mountain View, CA.
      • Venture backed by Cisco, Epic, Granite, and Trident with strategic partners including VMware, CA, Cisco, Symantec, Intel, and VCE
      • HyTrust provides centralized control for virtual infrastructure, administrative access, policy management, and compliance.
      • HyTrust product addresses multiple requirements set forth in PCI. Outlined in Reference architecture doc (will be emailed after webinar)
      • HyTrust serves as co-leader in development and organization of PCI Cloud Reference Architecture team and content
  • 4. George Gerchow
      About VMware
      VMware, the virtualization and cloud infrastructure leader, delivers the most customer-proven, reliable, secure and complete platform to build the enterprise cloud. VMware has more than 250,000 customers, including 99% of the Fortune 1000 and 97% of the Fortune Global 500. VMware customers have experienced unmatched results with VMware solutions.
      • Financial: 50-60% CapEx savings
      • Human: Average of 33 percent cumulative time savings for day-to-day administrative activities.
      • Energy: Up to 80%, leveraging consolidation and distributed power management.
  • 5. Christian Janoff
      • Christian Janoff
          • Vertical Solutions Architect at Cisco
          • Has led Cisco's participation on the PCI Security Standards Council since 2007 as a member of their Board of Advisors
      • Cisco virtual technology
          • Virtual servers, switching, routing, firewalling and intrusion detection systems for public and private clouds
      • For more information on Cisco and PCI: http://www.cisco.com/go/pci2.
  • 6. Who is Savvis
      [Diagram: Hosting Track and Cloud Track offerings, with the labels "Reduced Opex" and "Service Standardization, Virtualization & Automation"]
      • Savvis Symphony VPDC: Enterprise features, multi-tier QoS
      • Savvis Symphony Open: Multi-Tenant virtual infrastructure
      • Savvis Symphony Dedicated: Dedicated, virtual infrastructure
      • Utility Compute: Multi-tenant Stateless Bladeframe
      • Managed Hosting: Dedicated physical infrastructure
      • Colocation: Enterprise-Grade Space & Power
  • 7. Allan MacPhee © 2011, HyTrust, Inc. www.hytrust.com
  • 8. Kennet Westby
  • 9. Audience Poll - Let’s Get to Know Each Other
      • How many are virtualizing or have virtualized cardholder data?
      • How many of you are looking at cloud services?
      • How many feel your QSA is comfortable with your virtualized environment?
  • 10. Panel Discussion
      • What are the characteristics of a cloud that make PCI compliance difficult?
      • Can a shared cloud environment even be PCI compliant?
      • What does it mean when your cloud provider tells you that they are PCI certified?
          • What areas should your cloud provider be responsible for?
          • What are the key questions you should ask your cloud provider to understand the scope of PCI certification achieved?
          • How does a merchant figure out what the shared responsibility split is in detail?
  • 11. Panel Discussion
      • If my environment is already PCI compliant and I want to just extend a single tier to a public cloud, what should I be concerned about?
      • What is the best way to involve my QSA in these discussions?
      • What resources can I use to help me plan for and use cloud computing for my CDE?
          • Policy, People, Process, Technology
  • 12. Key Takeaways and Guidance
      PCI Compliance in Virtualized environments (on-premise)
      • Virtualization increases the risk and complexity of PCI compliance, engage your QSA early to streamline the audit process
      • Look beyond traditional security vendors for solutions that address virtualization specific requirements (hypervisor/VM controls)
      • View virtualization as an opportunity to improve your current processes – i.e. reporting, monitoring, inter-VM controls, etc. and achieve objectives that you always wanted in physical environments but could not afford or were restricted by legacy infrastructure
      • Embrace virtualization with a virtualization by default approach and build compliance into the default mode of operation
  • 13. Key Takeaways and Guidance
      PCI Compliance in the Cloud
      • Compliance is possible, but it takes the right cloud provider
      • Compliance is a shared responsibility, there is no magic bullet
      • Understand the details & scope of your cloud provider’s PCI certification
      • Work with your QSA to create a strategy for addressing the remaining required PCI controls
      • Cloud compliance requires elastic and automated VM security and persistence of machine data for audit and forensics
      • Create a strategy for Cloud compliance
      • Start with virtualized on premise and dedicated hosting environments
      • Evolve and apply these controls to cloud environments
  • 14. Additional Resources
      • www.pcisecuritystandards.org
      • www.coalfiresystems.com
      • www.hytrust.com/pci
      • www.savvis.net
      • http://us.trendmicro.com/us/solutions/enterprise/security-solutions/compliance/
      • http://www.vmware.com/solutions/datacenter/cloud-security-compliance/unified-framework.html
      • www.cisco.com
      Just Published: PCI-compliant Cloud Reference Architecture
  • 15. Thank You