PCI DSS Hosting
Netplan can help you with the Payment Card Industry Data Security Standards (PCI DSS), which has been introduced by the leading credit card associations as a means of standardising the level of security surrounding card payments and to reduce credit card fraud. Compliance with the PCI DSS is due to become mandatory for all organisations that store, process, or transmit cardholder information.
Hosting providers such as Netplan perform a critical function for many organisations that store, process or transmit cardholder data. If they host or manage the systems that store, process or transmit cardholder data, they are also required to validate their compliance with certain aspects of the PCI DSS.
With Netplan's range of services, it classifies itself into both of the following groups:
Unmanaged PCI DSS Hosting Providers:
PCI DSS Hosting Providers that provide hosting facilities only for their customers. The following PCI DSS Requirements apply to Unmanaged Hosting Providers:
- Requirement 9 - Restrict Physical Access to Cardholder Data.
- Requirement 12 - Maintain a policy that addresses information security for employees and contractors.
"When approached by Serenata Flowers, it was clear that the company was looking for a reliable partner in e-commerce solutions. Netplan was able to provide a fully managed server solution that removed many of the IT headaches away from the client, allowing them to focus on growing their business.
By working closely with Serenata Flowers over the last eight years, Netplan has been able to upgrade their server footprint as and when necessary, from a shared hosting package to the PCI level 1 compliant, load balanced server cluster that is powering their websites today. As an e-commerce site, security and availability were paramount in the business model. Netplan deployed high availability systems to enable the maximum uptime for the client.
Serenata Flowers has seen their business go from strength to strength and the company now has cemented its position as one of the largest and most well respected online retailers of flowers in the UK. The server cluster now managed by Netplan is handling more than 1 million transactions a year".
Managed Hosting Providers:
Hosting Providers that provide managed services to their customers and/or hosting facilities. Managed Hosting Providers are required to be compliant for all aspects of the PCI DSS Hosting that apply to their respective managed services.
Netplan's PCI DSS advisory services:
- Pre-Compliance Health Check - onsite review and gap-analysis provides a structured framework and guidance to address non-compliance, and thereby facilitates straightforward compliance.
- Network Vulnerability Scans - identify and prioritise network vulnerabilities, ensuring up-to-date protection from the latest threats and meeting annual PCI DSS hosting compliance requirements.
- Penetration Testing - customised penetration testing service provides a comprehensive analysis of a network and application's security and level of protection against compromise.
- Onsite Assessments - Both Unmanaged and Managed Hosting Providers require an annual onsite assessment to validate their compliance.
- Design, build, deploy and manage - Assistance with information security policies and procedures; secure network architecture design; gap analysis; supply, configuration, and onsite implementation of proprietary or third-party security devices.



