Adoption of virtualization and cloud computing is not slowing down, and neither are the challenges facing businesses looking to migrate to the cloud. At the top of the list for many firms is maintaining security and compliance when moving from physical to virtual and cloud environments. eWEEK has compiled a list of the most important steps your business can take to make sure PCI compliance does not fall to the backburner of your plans for virtual, public and private cloud environments.

• Know Your data - not all data is meant for the cloud.
• Ensure segmentation of your environment from other customer systems, your non-PCI cloud systems and the host and hypervisor.
• Leverage a provider who can scale your environment dynamically based upon preconfigured PCI-compliant system images
• Companies need to secure and manage privileged administrative users in both virtualized and cloud environments because excessive entitlements can be a serious weakness.
• Make sure a strong correlated log monitoring solution is in place to monitor your systems.
• Companies should ensure all audit trails have tight access controls that are maintained for virtual infrastructure components such as management utilities and the host. Audit trails should be secured so they cannot be altered.

The full article is available at eWeek.