Navigating PCI Security Mountains in the Cloud

Recorded:   May 15 | 2013     Play

Organizations outsourcing card data to the cloud face significant security risks. As soon as an organization adds other players to the offsite card-management mix, ensuring compliance with the PCI Data Security Standard becomes increasingly challenging. Cloud users and cloud service providers need to understand what their roles and responsibilities are when it comes to protecting this data. Storing, processing and transmitting cardholder data in the cloud brings the cloud environment into scope for PCI-DSS. 

Organizations need to know where their data is at all times. A lot of cloud clients have limited or no control over cardholder data storage. Where's the data being stored? Is it stored in multiple locations? These are all things that you have to take into consideration when you're thinking about outsourcing to a cloud provider. Learn how to address PCI compliance challenges in the cloud and gain new insights on:

  • Emerging PCI security risks in the cloud
  • Processes for assessing risk when card data could potentially be stored in multiple locations
  • Recommendations for achieving PCI compliance across virtual environments
  • How to use a data-centric approach to reduce the cost and scope of PCI Compliance


Branden_R_WilliamsBranden Williams has over fifteen years of experience in technology and information security with a formidable background in the majority of the technologies that drive today's businesses. Branden has experience working for startups and the Fortune 10, and the reason why some of the best companies in the world rely on Branden's advice is they know that his solutions are creative and based on real world experience. His experience includes start-ups, retailers, financial institutions, utilities and energy, electronic merchants, healthcare, and payment processors. bbbbbbbbbbbbbbbbb

Dave_Anderson_PhotoDave Anderson currently serves as the Senior Director, Marketing for Voltage Security, where he is responsible for developing market strategy, delivering new technology solutions to market, and managing global campaigns and programs for Voltage's data protection and encryption solutions. Prior to Voltage, Dave led marketing and program strategy for McAfee, SAP, and VeriSign. Dave has 20 years of experience within business strategy, marketing, and product development at leading technology and services firms, including SAP, ArcSight/HP, KPMG, and VeriSign, and has worked extensively across Asia and Europe in delivering market and industry security solutions. His expertise focuses on strategy and planning, marketing, and operational governance. Dave received his MBA from Duke University, the Fuqua School of Business in 2010. He has been published in multiple industry and technical journals, and is a frequent speaker on risk management, corporate governance, security, and strategy.

Log in

Please Login to download this file

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *
Go to top