The new AWS GovCloud Region offers the same high level of security as other AWS Regions and supports existing AWS security controls and certifications such as FISMA, SAS-70 Type II, ISO 27001, FIPS 140-2 compliant end points, and PCI DSS Level 1
via Q&A: Teresa Carlson of Amazon Web Services Discusses GovCloud | WHIR Web Hosting Industry News.
One of the ways our customers can be are assured their data is protected is through third-party audits and certifications. Since 2008, Google Apps has successfully undergone annual SAS 70 Type II audits. This year the SAS70 Type II audit has evolved into the SSAE 16 Type II attestation and its international counterpart, ISAE 3402 Type II. We’re happy to announce that Google is one of the first major cloud providers to be certified for compliance to these new audit standards.
Until such time that it has completed a comprehensive examination of the mobile communications device and mobile payment application landscape, the Council will not approve or list mobile payment applications used by merchants to accept and process payment for goods and services as validated PA-DSS applications unless all requirements can be satisfied as stated
via PCI SSC Nixes PA-DSS Certification For Mobile Payments Applications – For A While « PCI Guru.
Microsoft also said it was close to getting FISMA certification for its BPOS services. It has already achieved the certification for its data centers and expects to complete the process for the applications within a month or so
via Microsoft Fights Google for Government Dollars – PCWorld Business Center.
Over the summer, the company launched Google Apps for Government and announced that it had received FISMA (Federal Information Security Management Act) certification, which allowed it to store sensitive, yet unclassified, information, which makes up about 80 percent of all government data.
via Google wins email, apps contract with U.S. GSA | ZDNet.
Google has landed an important federal certification for encryption and security. An official Google blog post said that the company has received Federal Information Security Management Act (FISMA) certification and accreditation from the U.S. government for its Google Apps office productivity suite, including Gmail.
via Google Apps gets FISMA-certified for government work.
The organization responsible for administering the Payment Card Industry Data Security Standard (PCI DSS) has launched a new program to help enterprises conduct self-assessments of their compliance with the standard.
The security council will train and certify IT security staff to conduct PCI compliance assessments on behalf of their companies.
via PCI council launches certification program for IT staff – Computerworld.
Absent such standards, Feigenbaum noted that Google received SaS 70 certification and shares the audit results on its security controls with customers. Google is also now seeking certification to comply with the Federal Information Security Management Act (FISMA).
via Analysis: Does the storm over cloud security mean opportunity?.
The Payment Card Industry Security Standards Council (PCI SSC), under pressure from merchants to improve the training of its certified Qualified Security Assessors (QSA), has detailed plans to beef up its PCI QSA certification review process, adding much needed staff and funding to improve oversight of the individuals who conduct PCI Data Security Standard (DSS) compliance assessments.
via PCI QSAs, certifications to get new scrutiny.
“If you treat PCI certification as a fixed-asset purchase, it will serve you over a long period and ensure the trust of your customers, which has a very definite ROI over a period of time,” Tech News World reported.
PCI compliance is worth its weight in ROI | Pivotal Payments.
