托管在Azure上一个PCI兼容的应用程序 [英] Hosting a PCI compliant app on Azure
问题描述
我想举办Windows Azure上存储谁掏钱购买订阅按月收费用户的信用卡信息的应用程序。我只是要作为安全存储卡上的数据尽可能(通常加密,盐,更新数据库密码,使用HTTPS,等等)
I want to host an application on Windows Azure that stores the credit card information of users who pay to buy subscriptions for a monthly fee. I'd just have to store the card data as securely as possible (encrypt, salt, update database password often, use HTTPS, and so on)
我相信我需要PCI兼容能够存储这类信息。我的问题是可以的Azure让我实现这一目标?我有哪些选择?可以在Azure的处理信用卡支付的应用程序?
I believe I need to be PCI compliant to be able to store this kind of information. My question is can Azure allow me to achieve this? What are my options? Can an application on Azure process credit card payments?
推荐答案
的Windows Azure目前不符合PCI规范。 (也可能是在未来,但不是现在 - 路线图)
Windows Azure is not currently PCI compliant. (it may be in the future but not now - roadmap)
编辑:
Azure的是现在1级标准:windowsazure.com/en-us/support/trust-center/compliance
Azure is now Level-1 compliant: windowsazure.com/en-us/support/trust-center/compliance
Windows Azure中有一个信任中心页面,解释了所有关于它的安全和法规遵从(我建议你对这里什么有天青,并没有更多)的 https://www.windowsazure.com/en-us/support/trust-center/
Windows Azure has a Trust Center page that explains all about its security and compliance (I suggest you read more about it here about what Azure has and hasn't) https://www.windowsazure.com/en-us/support/trust-center/
您已经在这里你可以建立Azure应用程序,但让一个第三方(符合PCI标准)处理实际的信用卡处理给你,从而减轻您在Azure上非PCI申诉书的风险选项。
You have options where you can build Azure Applications but let a 3rd party (PCI compliant) handle the actual credit card processing for you, thus mitigating your risk of a non-PCI complaint application on Azure.
心连心
这篇关于托管在Azure上一个PCI兼容的应用程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
