How Secure is Your Cloud Solution?

WHAT IS IT?

An increasing number of companies are turning to cloud computing: the practice of using a network of remote servers hosted on the Internet to store, manage, and process data. The flexibility that the “cloud” offers is unmatched, but as its popularity has soared, so have the risks. MegaplanIT’s Cloud Security Architecture Review will help you assess and secure your cloud solution, so that you can enjoy the benefits of the cloud without putting your data at risk.  

 

PCI-DSS and HIPAA Compliance in the Cloud

During the Cloud Security Architecture Review, MegaplanIT consultants will perform a high-level assessment of your system architecture and use the information gathered to establish protocols to ensure (1) the safe storage of patient and consumer information and (2) the secure processing of credit card transactions. 

MegaplanIT will examine your cloud architecture to ensure compliance with PCI-DSS and HIPAA to safeguard personal information. Our security consultants will also evaluate your credit card processing system against the PCI-DSS Merchant & Service Provider requirements. After a thorough assessment, your specialist will illustrate each area of non-compliance and offer remediation options. 

The 12 PCI-DSS Requirements

1
BUILD AND MAINTAIN A SECURE NETWORK

Requirement 1: Install and maintain a firewall configuration to protect cardholder data.

2

Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters.

3
PROTECT CARDHOLDER DATA

Requirement 3: Protect stored cardholder data.

4

Requirement 4: Encrypt transmission of cardholder data across open, public networks.

5
MAINTAIN A VULNERABILITY MANAGEMENT PROGRAM

Requirement 5: Use and regularly update antivirus software or programs.

6

Requirement 6: Develop and maintain secure systems and applications.

7
IMPLEMENT STRONG ACCESS CONTROL MEASURES

Requirement 7: Restrict access to cardholder data by business need to know.

8

Requirement 8: Assign a unique ID to each person with computer access.

9

Requirement 7: Restrict access to cardholder data by business need to know.

10

Requirement 8: Assign a unique ID to each person with computer access.

11

Requirement 9: Restrict physical access to cardholder data.

12
REGULARLY MONITOR AND TEST NETWORKS

Requirement 10: Track and monitor all access to network resources and cardholder data.

13

Requirement 11: Regularly test security systems and processes.

14
MAINTAIN AN INFORMATION SECURITY POLICY

Requirement 12: Maintain a policy that addresses information security for all personnel.

See All Requirements
Don’t wait—protect your cloud data and secure compliance
with MegaplanIT's Cloud Security Architecture Review today.