If your company deals with payment card data, you need to go through a long and cumbersome certification process outlined by the Payment Card Industry (PCI). The PCI Data Security Standard (PCI DSS) requires annual audits to ensure appropriate security controls and processes are being used for any applications or services that deal with sensitive customer data.
If your applications are hosted in the cloud, PCI compliance can be easier – as long as you choose the right service provider. Infrastructure as a Service (IaaS) providers like AWS have Level 1 PCI DSS certification. This means they care for many aspects of physical data center security that you would otherwise be responsible for.
As of version 3 of the standard, if you use third party Software as a Service (SaaS) offerings, they are included in the scope of your PCI audit!
This means if you are using SaaS offerings for log management, monitoring or security, they need to be PCI DSS certified, even if the service doesn’t directly deal with cardholder data.
Today we’re happy to announce that Trend MicroTM Deep Security as a ServiceTM is now a PCI DSS Level 1 Service Provider! This means you can further streamline your PCI DSS certification process and take more items off of your to do list.
Customers like Matchmove have relied on Deep Security to address critical requirements for PCI such as Intrusion Prevention (11.4), Integrity Monitoring (11.5), Anti-malware (5.1) and many more. And now Trend Micro customers can further simplify and accelerate compliance with Deep Security as a Service, by removing the cost and effort of running the security management stack.
For more details on how to accelerate PCI DSS compliance in AWS – check out this blog from April 2016.
Or try Deep Security as a Service for yourself with our 30 day free trial.
If you have questions or comments, email us at firstname.lastname@example.org.