DrupalSecurityTeam / drupalpcicompliance

Official github repo for the Drupal PCI compliance white paper.
http://drupalpcicompliance.org

Provide More Thorough List of PCI Compliant Hosting Options #22

Closed rickmanelius closed 10 years ago

rickmanelius commented 10 years ago

In the 1.0 release, the only PCI compliant cloud solution that I felt comfortable/confident recommending was Amazon AWS. Since then, it has come to my attention that there are several other options that need exploring/vetting.

Example Candidates:

Note: I've seen some vendor claims that later turned out to be false/misleading. Therefore some level of vetting needs to be done to ensure they are legitimate. At the very least, I would like to find 3-4 alternatives to Amazon AWS.

rcross commented 10 years ago

Perhaps a better (and more indelible) approach would be to provide some guidelines about how to vet a host for PCI compliance (among your other hosting requirements). Depending on how comprehensive it is, this might even be a separate article/paper.

While I would also like to see a few alternative examples to AWS, I think it is a slippery slope if we start providing a list of vetted/recommended hosts. We may also want to consider whether to comment on the suitability/compliance of Acquia, Pantheon, Omega8, AberdeenCloud, Blackmesh, Bluehost, A2, Arvixe or any other Drupal-specialised hosting for PCI requirements.

FatherShawn commented 10 years ago

+1 to the approach that @rcross suggests about how to vet.

rickmanelius commented 10 years ago

Hi @rcross and @FatherShawn. I agree with your line of reasoning. How about this... the paper itself outlines the criteria and then references a blog post that can review some of the options. This keeps the paper concise and more timeless, while the blog post is accurate as of the publish date and can go into more detail. This is similar to the "myths" article that we wrote and took pieces into the paper while then fleshing out in more detail here:

http://drupalpcicompliance.org/article/2013/08/24/top-12-drupal-pci-compliance-myths/

rickmanelius commented 10 years ago

Hi @rcross and @FatherShawn. This is addressed here https://github.com/rickmanelius/drupalpcicompliance/blob/9480cf6664abdd38e08cec8651b5ffbeae8057c8/DrupalPCICompliance.md#i-can-achieve-pci-compliance-using-cloud-hosting.

I'm going to close this out before opening up a more formal review process in another issue thread. Thanks for the feedback!