On 7 February, the PCI (Payment Card Industry) Security Standards Council issued the PCI DSS Cloud Computing Guidelines Information Supplement. The PCI Security Standards Council develops, manages and raises awareness around payment data security though its PCI Data Security Standard (PCI DSS). PCI DSS compliance is a benchmark for online merchants and payment service providers. The Cloud Computing Information Supplement sits alongside, and does not replace, PCI DSS. The guidance will be of use to both cloud service providers and merchants using cloud technologies for the storage and processing of cardholder data. Using the guidance will help cloud providers and cloud customers to identify and define their respective security responsibilities, a process that is essential in achieving and maintaining PCI DSS compliance.