dot Be the first to see our latest product releases—virtually—at Redis Released: Worldwide.

Register now

Elevating Data Security: Redis Cloud Achieves PCI DSS Certification

Every day, we are working to deliver effective and trustworthy security in our products. But we don’t expect you to just take our word for it. 

That’s why we’re thrilled to announce that Redis Cloud has earned the Payment Card Industry’s Data Security Standard (PCI DSS) certification for our Flexible and Annual plans on Amazon Web Services (AWS) and Google Cloud. This achievement provides even greater confidence and trust to store your customer’s cardholder data across all Redis Cloud AWS and Google Cloud regions.

You may wonder – what exactly does this certification mean? Let us break down the importance of PCI DSS certification and how it helps you confidently deliver data-oriented applications.

How does PCI DSS certification benefit me?

PCI DSS stands for Payment Card Industry Data Security Standard and is a security standard developed by the PCI Secure Standards Council (SSC). It is the gold standard for financial data security, and applies to all entities that may store, process, and transmit payment card data.

The PCI DSS standard was developed to ensure cardholder data is appropriately protected via technical, operational, and physical security safeguards. Imagine Redis Cloud as a treasure chest, with your sensitive information inside; we’ve just validated the effectiveness of that treasure chest’s joints and locks with external auditors, who examined all the ways we work to secure it against the PCI standard. 

The result? Our Qualified Security Assessor (QSA) successfully approved the effectiveness of our controls as a Level 1 PCI Service Provider. 

Trust and credibility for peace of mind

But that’s not all. We’re continuing to expand the security materials available to you in our Customer Trust Center, trust.redis.io. There, Redis customers may obtain our: 

  1. PCI Responsibility Matrix, which details how compliance roles and responsibilities are shared between Redis, its customers, and its hosting providers regarding PCI data stored in Redis Cloud
  2. Attestation of Compliance (AOC), an attestation completed by our QSA that documents that Redis Cloud upholds the security requirements to protect cardholder data

You can find our full package of customer security and compliance documentation in our Customer Trust Center to give you the visibility and confidence you need into Redis’ security practices.

We’re excited about this accomplishment, and we hope you are too! Do you have more technical questions or want to learn more about the security features available in Redis Cloud? We have you covered, with an entire Redis University course about security topics, including access control, data protection and encryption, secure Redis architectures, and secure deployment techniques. And it’s free!