Now on Demand: Zero Trust Strategies Summit - Access All Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Amazon Web Services Achieves Level-1 PCI Compliance

Amazon Web Services (AWS) today announced it has achieved Level 1 compliance with the Payment Card Industry (PCI) Data Security Standard (DSS). Organizations can now run their applications on AWS PCI-compliant technology infrastructure to store, process and transmit credit card information in the cloud. The AWS cloud infrastructure has been validated at the highest level (Level 1) of PCI compliance, to build their cardholder environment and achieve PCI certification for their applications.

Amazon Web Services (AWS) today announced it has achieved Level 1 compliance with the Payment Card Industry (PCI) Data Security Standard (DSS). Organizations can now run their applications on AWS PCI-compliant technology infrastructure to store, process and transmit credit card information in the cloud. The AWS cloud infrastructure has been validated at the highest level (Level 1) of PCI compliance, to build their cardholder environment and achieve PCI certification for their applications.

PCI DSS is the payment card security standard that evaluates security management, policies, procedures, network architecture, software design and other critical protective measures. To achieve a Validated Level 1 Service Provider Status, AWS commissioned a third party examination by a Qualified Security Assessor (QSA) to validate compliance with PCI DSS version 2.0. The Level 1 requirement applies to any provider who stores, processes or transmits more than 300,000 transactions annually.Amazon AWS PCI Certification

PCI DDS Version 2.0 becomes effective on January 1, 2011, but validation against the previous version of the standard (1.2.1) will be allowed until December 31, 2011, giving organizations more time to understand and implement the updated standards and provide feedback throughout the process. After January 1, 2012, all assessments must be under version 2.0 of the standards.

“Security has always been and will continue to be our number one priority,” said Steve Schmidt, Chief Information Security Officer, Amazon Web Services. “By pursuing certifications and third party attestations like ISO 27001, SAS 70 Type II, FISMA, and now the PCI DSS service provider validation, we’re able to give customers continued assurance that the AWS cloud is a trustworthy and secure platform on which to build and deploy business-critical applications that demand rigorous security controls and regulatory compliance.”

Last month AWS announced it has achieved ISO 27001 certification for its AWS infrastructure, data centers and several services. ISO 27001 (ISO/IEC 27001) is a global security standard that sets out requirements for an Information Security Management System. In order to achieve the certification, a company must show it has a systematic and ongoing approach to managing sensitive company and customer information. AWS is now recognized as fully compliant with the global security standard for all AWS regions worldwide, and has also established a formal program to maintain the certification.

Just yesterday, AWS announced it would offer cloud based DNS Service designed to give developers and businesses a reliable and cost effective way to route end users to Internet applications.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Former Darktrace CEO Poppy Gustafsson has joined the UK government as Minister for Investment.

Nupur Goyal has joined cloud identity security and management solutions provider Saviynt as VP of Product Marketing.

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.