We notice you are visiting from a U.S. Internet provider. 
24/02/2010 -
The use of cloud computing and virtualization has been skyrocketing in recent years, as businesses find they can cut IT costs and improve efficiency by switching to cloud-based models. In fact, a recent survey from Mimecast found that 70 percent of IT decision makers that already use cloud services plan to increase their cloud investments, while 62 percent of all respondents have considered or are considering cloud computing.
With this increasing popularity, it is no longer acceptable for there to be no mention of cloud computing or virtualization in the PCI DSS, Qualified Security Assessors Ben Rothke and David Mundhenk wrote in a feature for CSO magazine.
The QSAs noted that there is not scheduled to be a revision to the PCI DSS Wireless Guidelines until 2011, so the payment processing industry will likely have to wait until then for any guidance on how cloud computing and virtualization fit in with PCI DSS requirements.
"The longer there exists the vacuum of PCI compliance ambiguity, the more difficult it becomes to secure such technologies," Rothke and Mundhenk wrote.
Other payment processing experts have recently weighed in on this issue, with most concluding that as it stands, cloud computing and virtualization deployments are generally not compatible with PCI compliance.
