Addressing PCI-DSS in Cloud and Virtual Environments - ProtectV - White Paper

The Payment Card Industry Security Standards Council (PCI SSC) has updated their guidance on the standard to support data center consolidation and cloud migration trends by publishing specific requirements for virtualization and cloud.

Key criteria for protecting virtual workloads and addressing PCI DSS cloud compliance requirements include:

• Ensure the entire VM can be encrypted, including OS, swap, and data partitions
• Prevent unauthorized users from starting VMs containing sensitive data, even those that have been moved, cloned, terminated or archived
• Separate administration and access of cryptographic keys from encrypted data
• Maintain ownership of cryptographic keys and retain the ability to delete them in case of a breach (or CSP agreement termination) to render data in VMs unreadable
• Log and report on administrative activities and events associated with VMs containing cardholder data

In this white paper, we cover the guidelines and how to use SafeNet ProtectV to address them.