NetApp is excited to announce that all Instaclustr’s PCI offerings are now available on Google Cloud Platform. PCI-DSS (Payment Card Industry Data Security Standard), a requirement for many financial applications, is often adopted as the ‘gold standard’ in industries expecting the highest security levels.
In the evolving digital landscape, security isn’t just a requirement, it’s a promise to our customers. With PCI-DSS accreditation for Google Cloud—alongside our SOC 2 and ISO 27001 accreditations—we now provide a fortified security posture. This will allow eligible Google Cloud customers to confidently grow their businesses in a secure and reliable environment.
Customers aiming for complete PCI-DSS compliance must enable PCI on their account and then opt-in when provisioning a cluster. This will implement PCI required security measures, such as enhanced password complexity and more stringent access requirements for Instaclustr administrators. It also activates required PCI logging, which will add a relatively small but noticeable overhead to cluster performance.
Instaclustr implements a shared responsibilities model for PCI compliance. Full details of customers’ responsibilities can be found here.
For full details of our PCI offering, please see our support page.
How Do I Enable GCP PCI?
First, you must enable PCI Compliance on your account, which requires the account to be in compliance with all of the security options within the security tab. Please follow the instructions on the Account Security Options page.
Once this is complete you can then create a PCI compliant cluster, which vary from product to product. There are various support guides available, such as Creating a PCI compliant Cassandra Cluster or Creating a PCI compliant Apache Kafka Cluster.
Can Existing GCP Customers Transition Existing Clusters to PCI?
If you are looking to transition an existing cluster to become PCI compliant, or have additional questions around our PCI compliant clusters, please contact the Instaclustr Support team.
What Benefits Does Instaclustr by NetApp’s PCI Certification Bring to Customers Not Using the PCI Option?
Instaclustr’s management network—which deploys, manages, and monitors all components of a customer’s data infrastructure—must comply with all required PCI controls. This means that even customers who do not elect PCI-level security on their own managed infrastructure will still benefit from Instaclustr’s strict adherence to PCI security policies.
More About PCI DSS
The Payment Card Industry (PCI) Data Security Standard (DSS) is a set of security standards designed to improve payment account security and prevent fraud throughout the transaction process by increasing control of credit card data. Compliance with the PCI-DSS is required of all companies that process, store or transmit credit card information through the five major payment card brands: Visa, MasterCard, American Express, Discover and the Japan Credit Bureau (JCB).
The PCI Security Standards Council (PCI SSC), an independent body created by the major payment card corporations, sets the standards, administers the PCI-DSS, and manages its ongoing evolution.