Easier PCI Cloud Compliance

Simplify the burden of PCI DSS compliance with Armor, The First Totally Secure Cloud CompanyTM. Armor-protected data workloads and applications inherit compliance controls from our PCI DSS 3.2-compliant managed cloud security solutions. This means easier PCI DSS assessments and heightened security without the need for additional overhead or DIY security tools.

Why Armor for PCI DSS compliance:

  • PCI DSS 3.2-Compliant Solutions: Armor cloud security solutions are compliant against PCI DSS 3.2. This means that our solutions are configured to meet standards set by the PCI Security Council.
  • Inherited Compliance Controls: Armor customers receive inherited compliance for data workloads and applications from our PCI DSS 3.2-compliant solutions.
  • PCI DSS compliance Expertise: Cloud-ready organizations trust us to protect their customers’ payment card-related data at all costs.
  • Security-driven compliance: True cloud security is more than just a checklist; it’s about letting compliance be an outcome of a security program, not its driver. Our approach to security does just that: proactive cyber security powered by the experts in our 24/7/365 security operations center (SOC).

Our purpose-built managed cloud security solutions were created to simplify compliance – minimizing PCI DSS-related anxiety and preventing breaches of payment card information.

PCI DSS Cloud Compliance FAQ

Need-to-know facts on PCI compliance in the cloud

Overwhelmed by PCI DSS compliance? Learn how to overcome the complexity and prepare for your next third-party audit or self-assessment with our PCI DSS cloud compliance frequently asked questions (FAQ).

Inherited PCI DSS Controls

Armor customers inherit PCI DSS 3.2 compliance that addresses many of the controls mandated by the PCI Security Council. This means streamlined assessments as well as cost savings for organizations without robust cloud security programs.

Click on the tabs below to see key PCI DSS controls addressed by our solutions:

Armor Security Services PCI DSS 3.2 Controls Risk Mitigation
Intrusion Detection 11.4 Malicious allowed traffic
Internal Network Vulnerability Scanning 11.2.3) Exploits due to missing patches or updates; improper network firewall configuration
File Integrity Monitoring 11.5 Monitoring unauthorized changes to critical files
OS Patching/Updating 6.0, 6.2) OS weaknesses Malware Protection
Malware Protection 5.1, 5.2, 5.3 Compromise due to virus/malware infection
Log Management 10.1, 10.2.2-10.2.7, 10.3, 10.5, 10.6, 10.7 Detection of malicious activity

View the entire Armor Anywhere PCI Compliance Matrix.

Armor Security Services PCI DSS 3.2 Controls Risk Mitigation
IP Reputation Filtering Security best practice Activity from known bad sources
DDoS Mitigation Security best practice Loss of availability due to high volume of malicious activity
Web Application Firewall 6.6 Application layer flaws and exploits
Intrusion Detection 11.4 Malicious allowed traffic
Network Firewall (Hypervisor-Based) 1.1.5, 1.1.6, 1.1.7, 1.2.2, 1.2.3, 1.3.3, 1.3.5 Unwanted network connectivity
Secure Remote Access (Two-factor authentication) 8.3 Unauthorized remote use of administrative access
Secure Remote Administrative Access 2.3 Disclosure of administrative credentials
OS Patching/Updating 6.1, 6.2 OS weaknesses Malware Protection
Malware Protection 5.1, 5.2, 5.3 Compromise due to virus/malware infection
Log Management 10.1, 10.2.2-10.2.7, 10.3, 10.5, 10.6, 10.7 Detection of malicious activity
Physical Security 9.1, 9.2, 9.3, 9.4 Physical theft or compromise of data

View the entire Armor Complete PCI Compliance Matrix.

PCI DSS Compliance Expertise

Leverage our PCI DSS expertise to overcome any compliance challenge. We provide 24/7/365 hands-on support to support the team responsible for managing PCI DSS-related cloud security controls.

  • Our CISO is your CISO: Add to your cloud security roster with experienced cloud security experts to help guide you through compliance audits.
  • Certifiable cyber security badasses: Relentless monitoring and rapid support from highly trained professionals with a combined 60 cyber security certifications.
  • Proven cloud security results: Our SOC managed more than 4,800 security incidents and analyzed more than 771 billion logs in 2016.

Our talent doesn’t just extend your team, they become part of it – seamlessly incorporating their skill set and expertise into your cloud security roster. Together with our best-of-breed security technologies, they guarantee a level of cloud security and performance that only Armor can provide.

Security-Driven PCI DSS Compliance

Our approach to cloud security focuses on security first, letting compliance follow as a result. It’s why we’re able to boast a protection rate of 99.999% across all customer instances alongside streamlined PCI DSS attestation.

We do this by orienting and adapting our managed security solutions to achieve the highest level of protection in the cloud.

  • Advanced threat intelligence: We stay ahead of emerging threats using data aggregated from 150-plus global sources and Dark Web monitoring. We leverage this intelligence to form a proactive defense around all customer instances so they’re protected before threat actors can even initiate their attack. View the results of our ongoing threat intelligence in the monthly Armor Threat Intelligence Briefing.
  • Transparent cloud security: Track the status of your Armor-protected data in the Armor Management Portal. This intuitive, single-pane-of-glass-view delivers real-time insights into your security posture, including when patches are needed, malware events, OS logs and firewall rules.

As The First Totally Secure Cloud CompanyTM, we’ve standardized effective processes for defending against even the most sophisticated cyber attacks. This provides peace of mind that your customers’ payment card data is secure and compliant – helping you maximize your cloud investment.