Friday, February 23, 2018
Home » Amazon Web Services » How AWS’ Recent Quick Start Release Standardizes Your PCI DSS Architecture

How AWS’ Recent Quick Start Release Standardizes Your PCI DSS Architecture

AWS recently released a new Quick Start Reference Deployment aimed at helping AWS clients and partners to build systems that conform to Payment Card Industry Data Security Standard (PCI DSS) compliance requirements. In their second Quick Start release in a set of AWS Enterprise Accelerator Compliance offerings, this standardized architecture provides both Managed Service Organizations and their clients with a template that adheres to strict security, compliance, and risk management controls while providing security-focused, standardized architecture solutions for organizations that process credit card data.

Adherence to PCI DSS stipulates that your cloud environment meets control objectives, protects cardholder data, and implements strong access controls, among additional requirements. Meeting these standards is crucial for keeping your companies financial information safe, while giving your clients assurance that they can trust you with their financial data. However, these requirements can be tricky to navigate, especially across different environments.

To help with this, the Standardized Architecture for PCI DSS on the AWS Cloud provides a template to deploy a standardized environment that is in line with PCI DSS compliance in AWS environments, and can be customized for your organization as needed. The template also sets up the things like:

  • IAM items (policies, groups, roles and instance profiles)
  • S3 buckets (encrypted web content, logging and backup)
  • Bastion host for troubleshooting and administration
  • Encrypted RDS database instance running in multiple Availability zones
  • Logging/monitoring/alerting package that makes use of AWS CloudTrail, Amazon CloudWatch, and AWS Config Rules

Additionally, the Quick Start includes a Security Controls Reference, which maps relevant architecture decisions, features, and configurations to the security controls specified by PCI DSS. The architecture also supports multiple AWS best practices, including use of multiple Availability Zones, isolation using public and private subnets, load balancing, and auto scaling.

Quick Start Reference Deployments offerings like those listed above can help ease the legwork in creating the strong foundation necessary to ensure the environment is abiding by compliance guidelines from the beginning. Want to learn more about how Datapipe can help you with architecting a PCI DSS compliant environment on AWS? You can find more information on our website.

About David Lucky

David Lucky
As Datapipe’s Director of Product Management, David has unique insight into the latest product developments for private, public, and hybrid cloud platforms and a keen understanding of industry trends and their impact on business development. David writes about a wide variety of topics including security and compliance, AWS, Microsoft, and business strategy.

Check Also

Five Cloud Computing Trends to Look for in 2018

It feels like just yesterday we were toasting to the start of 2017, and it’s hard to believe it’s already come to an end. 2017 has been a particularly exciting year for Datapipe, as we announced that we were joining forces with Rackspace to create the world’s leader in multi-cloud managed services. And although 2017 certainly has been a year to remember, we’re looking forward to everything 2018 has in store – including advancements in cloud computing. Read on to see what we think will be the biggest trends in cloud computing this year.