Customers of the cloud could look for other security standards beyond PCI, E.G ISO27001, which some SAAS/Cloud providers maintain. It is an Information security standard after all....

[ more ]  [ reply ]

Think of it this way. Software will have to establish a 'rolling perimeter' and travel with the data. Much like a security detail with a VIP. Self contained, and able to communicate with a command center at all times. Hard? Yes - so let's get started.

2501...

[ more ]  [ reply ]

"For example, a requirement of the Payment Card Industry (PCI) Data Security Standard (DSS) is that "only one primary function (exists) per server." Reasonable answers to such requirements must first be sought out, Dahn said."

Thank you. It's about time somebody said something about this redicul...

[ more ]  [ reply ]