December 11, 2019 By Joe Marsh < 1 min read

IBM Cloud continues to expand compliance for Infrastructure- and Platform-as-a-Service (IaaS and PaaS) offerings with the Payment Card Industry Data Security Standard (PCI DSS).

The PCI DSS was developed to encourage and enhance cardholder data security and facilitate the global adoption of consistent data security measures. The PCI DSS provides a baseline of technical and operational requirements designed to protect account data, including card number, expiration date, and verification data.

IBM Cloud Platform completes annual PCI DSS assessments using an approved Qualified Security Assessor (QSA), and the resulting Attestations of Compliance (AOCs) are available upon client request. Auditors review in-scope IBM Cloud Infrastructure and PaaS services for compliance under PCI DSS version 3.2.1 at Service Provider Level 1. 

Clients are responsible for the storing, processing, and transmission of their cardholder data and may create cardholder data environments (CDEs) that can store, transmit, or process cardholder data using IBM Cloud Platform services. Clients can use the IBM Cloud AOCs when seeking their own PCI DSS certifications. It is the responsibility of the client to document and operate CDEs and applications built using IBM Cloud Platform services in a PCI DSS-compliant manner. 

Adding to the compliant IBM Cloud Infrastructure and PaaS services previously assessed under the PCI DSS are the following:

Learn more

A full list of PCI DSS-ready IBM Cloud Platform services and options to request a PCI DSS Attestation of Compliance (AOC) can be found at here.

More from Announcements

Success and recognition of IBM offerings in G2 Summer Reports  

2 min read - IBM offerings were featured in over 1,365 unique G2 reports, earning over 230 Leader badges across various categories.   This recognition is important to showcase our leading products and also to provide the unbiased validation our buyers seek. According to the 2024 G2 Software Buyer Behavior Report, “When researching software, buyers are most likely to trust information from people with similar roles and challenges, and they value transparency above other factors.”  With over 90 million visitors each year and hosting more than 2.6…

IBM named a Leader in Gartner Magic Quadrant for SIEM, for the 14th consecutive time

3 min read - Security operations is getting more complex and inefficient with too many tools, too much data and simply too much to do. According to a study done by IBM, SOC team members are only able to handle half of the alerts that they should be reviewing in a typical workday. This potentially leads to missing the important alerts that are critical to an organization's security. Thus, choosing the right SIEM solution can be transformative for security teams, helping them manage alerts…

Reflecting on IBM’s legacy of environmental innovation and leadership

4 min read - Upholding a legacy of more than 50 years of environmental responsibility through our company’s actions and commitments, IBM continues to be a leader in driving sustainability for our business, our communities and our clients—including a 34-year history of annual, public environmental reporting, which we continue today. As a hybrid cloud and artificial intelligence (AI) company, we believe that leveraging technology is key to unlocking impact, and it will play a substantial role in how society addresses, adapts to, and overcomes…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters