Occasionally, a merchant may be audited to ensure they are maintaining compliance. During this audit, auditors review every aspect of their IT operations to make sure cardholder information is handled safely and securely.
Part of this audit involves a thorough review of the cloud provider services that are used by the merchant because they also need to be PCI compliant. Therefore, before partnering with any cloud hosting service, it is important for clients to ask the vendors to prove PCI compliance. This is a necessary step to help ensure that their cloud hosting service can help them pass any audit.
PCI-compliant hosting is specifically designed to provide a safe and secure environment for cardholder information and an encrypted connection to the Internet from the consumer’s browser to the company’s Web server to the credit card company.
Managed PCI Compliant Hosting
UOTech’s Managed PCI-compliant hosting service helps merchants conform to the Payment Card Industry Data Security Standard (PCI DSS) instituted by credit card companies. Our hosting service maintains PCI DSS 3.2 compliance, so our clients can feel confident that we can help them meet their own compliance requirements.
PCI Compliance Hosting Requirements
To be compliant with Payment Card Industry Data Security Standards (PCI DSS), a merchant needs to meet a set 12 requirements in six security areas to make sure that they are accepting, processing, storing, and transmitting credit card data using a secured computing environment. These standards were introduced in September 2006 in a joint initiative by Visa, MasterCard, JCB International, Discover, and American Express to help prevent consumer credit card data theft and reduce online fraud.
The 12 PCI compliant hosting requirements are:
- Use and Maintain Firewalls
- Use and Maintain Anti-Virus
- Use Proper Password Protections
- Protect Cardholder Data
- Encrypt Transmitted Data
- Maintain Software Updates
- Restrict Data Access
- Restrict Physical Access
- Provide Unique IDs for Access
- Create and Maintain Access Logs
- Scan and Test for Vulnerabilities
- Document Policies
Complying with PCI DSS is more important than ever in today’s market as hackers are using increasingly sophisticated measures to access credit card data. Partnering with a PCI compliant hosting partner like UOTech can help you meet these critical requirements. To learn more about our PCI compliant cloud hosting services in Long Island and throughout the NY Metro Region, call us today at 516-500-7780 or click here to send us a message.