Payment Card Industry Compliance for Amazon Web Services

Verified

Added on 2023/01/18

AI Summary

This report provides an overview of Payment Card Industry (PCI) compliance for Amazon Web Services (AWS). It discusses how Amazon, as a large retailer, adheres to PCI standards to ensure secure credit card transactions and protect cardholder data. The report covers various aspects of PCI compliance, including building and maintaining a secure network, protecting cardholder data, managing vulnerabilities, implementing control measures, and conducting network testing. It highlights Amazon's use of Quickstart architecture, which provides cloud templates, automation, and guidance for database administrators. The report details key elements of Amazon's cloud architecture for PCI compliance, such as identity and access management, multi-AZ architecture for high availability, Amazon S3 buckets for data encryption and backup, security groups for access control, and elastic load balancing for web applications. It also mentions the use of Amazon CloudTrail, CloudWatch, and compliance enablers like Amazon Web Services Artifact to manage threat detection. The report concludes that PCI compliance helps Amazon provide secure transactions and protect against malicious content.

Running head: PAYMENT CARD INDUSTRY COMPLIANCES FOR AMAZON
PAYMENT CARD INDUSTRY COMPLIANCES FOR AMAZON
Name of Student
Name of University
Author Note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1PAYMENT CARD INDUSTRY COMPLIANCES FOR AMAZON
PCI compliance or Payment Card Industry is a set of data security standards that
apply to the organisation of any size where payment through credit card is accepted (Singh &
Kumar, 2014). PCI compliances give a range of advantage to cyber security with the help of
specialised tools and software. If an organization is accepting the payment through credit
cards then then it need to handle data of the cardholder. By providing encryption to the public
networks, protection to sensitive data can be achieved (Hendre & Joshi, 2015). All the data
are stored securely, and the data are transmitted in encrypted form. An organisation adopts
tools for secure transaction of money and storing the data.
Amazon Web series is a large retailer organisation in the U.S, and the compliance offers
security based architecture that is based on the solutions to help the database administrator
(Amazon Web Services, Inc., 2019). There are several PCI compliances for the database
administrator that includes building and maintenance of a secure network, Protecting the data
of the cardholder, program for management of vulnerability, implementing several control
measures, network testing and maintenance of IT security. All these PCI compliance is
provided by the Quickstart architecture of AWS. For supporting the Payment card industry
compliances, a cloud architecture is built in amazon web series (Amazon Web Services, Inc.,
2019). The services that are offered by Amazon Web Series is a range of QuickStarts. It
makes it easy for the database administrator with PCI compliance. It includes the formation
of Cloud templates that help in the configuration of the environment, supports the automation
of the deployment and provides guidance for every step (Kalaiprasath, Elankavi &
Udayakumar, 2017). The implementation of cloud architecture consists of some elements and
features. The identity and access management policies and configuration that are specific to
certain roles and person are provided. To ensure high availability of private subnets and
subnets for other applications architecture of Multi-AZ is adopted. There is a storage device
known as Amazon S3 buckets used in encryption of data content, logging and data backup

2PAYMENT CARD INDUSTRY COMPLIANCES FOR AMAZON
(Amazon Web Services, Inc., 2019). The security groups limit access to critical services.
With the use of elastic load balance and automatic scaling a web application of Linux which,
can be modified with the need of the customer. To provide some facilities such as Secure
Shell command line access to Elastic compute cloud help in the troubleshooting and activities
for system administration. Monitoring different activities, logging into various sites and alert
for some issues are achieved with the help of Cloud Trial, CloudWatch of Amazon and
different configuration rules from Amazon (Amazon Web Services, Inc., 2019). Some
compliance enabler is activated to manage threat detection. Some of the facilitators are
Amazon web series artefact, guard duty, Amazon inspector. The Payment Card Industry
compliances provide a connected, segmented and dedicated environment.
It can be concluded that PCI compliances to the database administrator in a retailer
organisation like Amazon help to provide a safe and secure transaction to its consumers and
taking required security measures and postures. These compliances help the organisation
from various type of malicious content that can be incorporated into the system.

3PAYMENT CARD INDUSTRY COMPLIANCES FOR AMAZON
References
Amazon Web Services, Inc. (2019). Amazon Web Services (AWS) - Cloud Computing
Services. Retrieved from https://aws.amazon.com/.
Hendre, A., & Joshi, K. P. (2015, June). A semantic approach to cloud security and
compliance. In 2015 IEEE 8th International Conference on Cloud Computing (pp.
1081-1084). IEEE.
Kalaiprasath, R., Elankavi, R., & Udayakumar, D. R. (2017). Cloud. Security and
Compliance-A Semantic Approach in End to End Security. International Journal Of
Mechanical Engineering And Technology (I met), 8(5), 987-994.
Singh, J., & Kumar, V. (2014). Virtual Appliances-Based Framework for Regulatory
Compliances in Cloud Data Centers. IUP Journal of Information Technology, 10(1).