Hello Fady, Is the official stance of Google that App Engine can't be PCI-DSS compliant, only GCE?
When we discussed with account management, they said it was compliant as long as we put a WAF in-front, like Cloudflare. On Tuesday, March 20, 2018 at 3:13:49 PM UTC, Fady (Google Cloud Platform) wrote: > > Hello Nikolaus, > > For the time being , you do not have the option to disable 3DES yourself. > However, I created a private issue tracker (sent privately) to investigate > the possibility if the backline team can disable it for your custom domain. > > Meanwhile, if your goal is to create a Payment Card Industry Data Security > Standard (PCI DSS) compliant environment, you may check this document > <https://cloud.google.com/solutions/pci-dss> for best practices. > > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-appengine+unsubscr...@googlegroups.com. To post to this group, send email to google-appengine@googlegroups.com. Visit this group at https://groups.google.com/group/google-appengine. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/2f0e260a-d20e-4a4d-9978-c21b01cc9104%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.