|
|
|
|
|
|
by grepfru_it
1764 days ago
|
|
|
At a certain size, your org should be a resale partner with whatever cloud service it is, so the end customers are getting their own accounts. This varies by size and $$$ spent. Credit cards should never be linked across accounts thanks to PCI-DSS complince Same IP ban is also not likely unless you are actually doing nefarious things across multiple accounts. I am also making the assumption you are connecting from some business account and not a residential ISP, though that is changing thanks to covid. FWIW, I have worked at many companies where offices of 300-500 proxy outbound traffic to a single IP, that’s why I don’t believe this is a concern. The ultimate problem is when you have several logical partition but no billing partition. Also the large marketing firm I worked at had zero phone support with Facebook and Google, yet we did this all day (with a single IP address). This all boils down to one common thread: you should be taking advice from a lawyer on whether the terms prevent such actions and to have a business continuity plan. If the vendor does something egregious, like shutdown all accounts, then your lawyer can ship them a nice letter which will get their attention |
|
|
Afaik, PCI-DSS doesn't prevent you to store cryptographic hashes of card. Therefore cards still could be linked with hashes.