PCI-DSS Compliant Hosting Solutions
The Payment Card Industry (PCI) Data Security Standard (DSS) was developed to create a common standard for cardholder data security on a global basis. PCI-DSS (generally referred to as PCI) contains 6 directives with 12 definitive action items.
There are four levels of PCI compliance, which are applied based on the number of transactions processed in a year. Depending on the prescribed PCI compliance level, customers may be able to complete a self-assessment questionnaire (levels 3 and 4) rather than undergo an on-site assessment (levels 1 and 2) to achieve compliance.
Our engineers will work with you to determine the right approach for your business.
Physical Security at Data Center Facilities
All servers are maintained in secured data center facilities that are staffed 24/7/365 by our engineers. Each facility features physical access controls, such as vehicle barriers, security camera coverage, guarded security checkpoints, multi-factor biometric scanning, locked suites, and locked cabinets. We tightly control access to all sensitive areas and do not grant access to unauthorized or unescorted personnel. All visitors must be placed on an access list and must present proper credentials to gain escorted access.
PCI DSS Goals
Build and Maintain a Secure Network
1. Install and maintain a firewall configuration to protect cardholder data.
2. Do not use vendor-supplied defaults for system passwords and other security parameters.
Protect Cardholder Data
3. Protect stored data.
4. Encrypt transmission of cardholder data across open, public networks.
Maintain a Vulnerability Management Program
5. Use and regularly update anti-virus software.
6. Develop and maintain secure systems and applications.
Implement Strong Access Control Measures
7. Restrict access to cardholder data to business need-to-know.
8. Assign a unique ID to each person with computer access.
9. Restrict physical access to cardholder data.
Regularly Monitor and Test Networks
10. Track and monitor all access to network resources and cardholder data.
11. Regularly test security systems and processes.
Maintain an Information Security Policy
12. Maintain a policy that addresses information security.