Have you recently moved PCI cardholder data to Amazon Web Services (AWS)? AWS has been PCI DSS certified for many years but you still need to take steps to ensure your payment card data is “secure in the cloud.” Ultimately, the responsibility for PCI compliance rests on you, not AWS.
Why is PCI DSS compliance important?
It is important to be PCI DSS compliant as companies are increasingly relying on technology to gather cardholder information. When you are PCI DSS compliant, this can help assure your customers that their information is protected.
How does AWS PCI compliance work?
Although AWS is PCI compliant, it does use a shared responsibility model. This means that if you have moved your PCI cardholder data into AWS, you share the responsibility for PCI compliance. However, because AWS is PCI-compliant, if you choose to use AWS, you do not need to worry about assessing AWS infrastructure for PCI compliance. Also, because AWS is PCI DSS compliant, if you have chosen to use AWS with your PCI cardholder data, you can rely on AWS to both get and manage your PCI certification.
How does the AWS Virtual Private Cloud (VPC) help protect data?
The AWS VPC allows a company to create and use a private network for storing