taming the compliance beast in cloud
TRANSCRIPT
By
Saumya Vishnoi
Currently working in FreeCharge Information Security team
Information Security profession – about 6 years of experience
Ex- PCI QSA
Audited multiple environments
All the information, discussion and views
presented in the talk are
personal !!!
Increases workload
Creates extra process
Costly
Business enabler –
PCI DSS for processing card details
RBI PSS for getting and running a digital wallet
Give confidence to clients and third party
Force organizations to give security a thought
Act as baseline for security
Compliance acts as an enabler for security
Ensure the compliance of Cloud provider
Check and verify the services that are part of their compliance.
Include them in your third party risk assessment section
Don’t Blindly trust them !!!
Not just compliance, check their Security policies as well
Regular audits and/or reports
Because they may be compliant but not Secure
EMAIL: [email protected]: @SAUM98