Meeting PCI DSS on Microsoft Azure
What You Need to Know
Moving to “The Cloud” can be an intimidating prospect if it is outside one’s experience. Adding concerns around credit card payment security and compliance can make it seem overwhelming. To further complicate the problem, the PCI standards weren’t designed with cloud services in mind. But the benefits of the cloud can be too valuable to sacrifice to the challenges of PCI.
This 45-minute webinar is for organizations that host, leverage services, or want to migrate some or all of a cardholder data environment (CDE) on Microsoft Azure. The presentation will cover what you need to know about preparing to meet PCI DSS requirements for architecting, migrating, or deploying workloads on Microsoft Azure.
- Kevin Tam, Managing Principal, Payments – Cloud & Tech
- Dan Stocker, Practice Director, Payments – Cloud & Tech
- Frank Simorjay, Senior Program Manager in Microsoft Azure Global Ecosystem
Discussion will center around how Azure can be used by organizations to simplify their compliance processes and highlight some best practices such as how to evaluate your cardholder data environment to minimize scope and lessons learned from advising and assessing organizations that leverage Azure.
This webinar will cover:
- PCI-certified Azure services and how you can leverage them
- Shared responsibility matrix and (PCI specific) controls inheritance
- CDE design / optimization considerations to reduce scope
- Microsoft’s Foundational architecture for PCI compliant environments
Leading Experience in Microsoft Azure, Cybersecurity, and PCI DSS
Coalfire is a diverse professional services firm focused on cybersecurity assessment and advisory, risk management and compliance, technical testing and security engineering. We helped define the acceptance of PCI assessments of cloud deployments. Coalfire serves as Microsoft Azure’s PCI DSS and HITRUST assessor. In addition, we perform ISO related work and have drafted multiple whitepapers. Coalfire also serves Microsoft overall in a number of ways such as PCI DSS, ISO, and FedRAMP, and have performed both assessments as well as provided advisory services. We are now the leading compliance assessor and advisor for the largest cloud solution providers across the spectrum of cloud deployment models (PaaS, IaaS, and SaaS).