New PCI DSS on AWS Compliance Guideline provides important information for implementing compliant applications

Our mission within AWS Security Assurance Solutions would be to ease Payment Cards Industry Data Security Regular (PCI DSS) compliance for several Amazon Web Providers (AWS) customers. We function carefully with the AWS audit group to answer customer queries about knowing their compliance, implementing and finding solutions, and optimizing their assessments and controls. The most regular and foundational queries have been compiled to generate the Payment Card Industry Data Security Standard (PCI DSS) 3.2.1 on AWS Compliance Guide. The guide can be an summary of concepts and concepts for developing PCI DSS compliant apps. Each section is completely referenced to resource AWS documentation to meet up PCI DSS reporting specifications.

The guide helps customers that are creating payment applications, compliance teams which are getting ready to manage assessments of cloud applications, internal assessment teams, and PCI Qualified Security Assessors (QSA) helping customers who use AWS.

What’s in the guideline?

The aim of the guide would be to provide customers with the info they need to arrange for and record the PCI DSS compliance of these AWS workloads.

The guide includes:

  1. What AWS PCI DSS Level 1 COMPANY status opportinity for customers
  2. Evaluation scoping of AWS programs
  3. Necessary diagrams for assessments
  4. Requirement-by-requirement guidance

The guide is most readily useful for those who are building solutions on AWS, but it addittionally will help Qualified Safety Assessors (QSAs), internal security assessors (ISAs), and internal audit teams understand the assessment of cloud applications better. It provides types of the diagrams necessary for assessments and contains links to AWS supply documentation to aid assessment evidence requirements.

Compliance from cloud scale

More clients than are working PCI DSS compliant workloads upon AWS ever, with a large number of compliant apps. New protection and governance tools accessible from AWS and the AWS Companion Network (APN) enable creating business-as-normal compliance and automated safety tasks so that you can change your concentrate to scaling and innovating your organization.

If you have queries or want to find out more, contact your accounts executive, or submit remarks in the Comments section below.

Want a lot more AWS Security how-to articles, news, and show announcements? Stick to us on Twitter.


Tim Winston

Tim is really a Senior Protection Consultant for AWS Safety Assurance Services. He targets assisting clients optimize and build-in PCI compliance.


Ted Tanner

Ted is really a Senior Protection Consultant for AWS Safety Assurance Services. He targets assisting clients build-in and optimize PCI compliance.

%d bloggers like this: