CDE Cloud Migration | PCI Compliance
Move and Improve On-
Premises Cardholder Data
Environment (CDE) to Cloud
Move and Improve On-Premises Cardholder Data Environment (CDE) to Cloud
About the Client
Green Mountain Power is an energy transformation company that provides electrical power to three-quarters of the northeastern state of Vermont.
Project Details
Following technical tasks were undertaken:
- Moved the client from on-prem datacenter to the cloud, where you can piggyback on the cloud provider’s Attestation of Compliance, thereby reducing the number of controls to be met.
- Rearchitected the web servers to be front ended by Application Load Balancers so all communication is encrypted with TLS 1.2.
- Added a web application firewall in front of the Load Balancer.
- Used CIS Benchmark compute images to ensure OS is properly hardened and is not using any default passwords or security parameters.
- Used cloud backup storage to leverage data-at-rest encryption provided by all major cloud vendors.
- Used Checkpoint Virtual Appliance to achieve ISD/IPS capabilities.
- Used Carbon Black and Cylance on Bastion host.
- Used network security groups and subnets to achieve network segmentation.
- Federated with Azure AD to supplement Cloud Identity Service capabilities.
Why Vigilant
Green Mountain Power selected us as they needed a vendor with strong cloud migration, security, and compliance expertise because they accept online payments via their website and mobile app, which mandates them to be PCI compliant.
Solution Provided
Our team migrated their CDE to the cloud where Green Mountain Power could piggyback on the service provider’s Attestation of Compliance (AOC), which greatly reduced the effort involved to become PCI compliant – thus saving both time and money.
Could we help you with a similar service?
Vigilant is among the key Microsoft Solutions Partners with over two decades of excellence in delivering business apps and IT infrastructure services. We have helped more than 200 organizations across various industries and offer both onshore and offshore consultants to fulfill all technology needs.
Please write to info@vigilant-inc.com or fill the form below: