PCI Compliant Hosting Services
manageNET offers various services to merchants, application developers and other service providers. Services range from simple to complex: from shared space on a server to a full set of physical and virtual hosting options that meet the stringent requirements applicable to a PCI compliant hosting environment.
Our Physical Security Policies, Disaster Prevention and Protection Plans, Fiber Capacity & Core IP Network & Bandwidth facilities, Environmental Controls and Conditioned Power were configured to create a world-class hosting facility.
What is Payment Card Industry (PCI) Compliance?
Payment Card Industry (PCI) Compliance is a set of security standards that were created by the major credit card companies (American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International) to protect their customers from increasing identity theft and security breaches.
The 12 PCI DSS requirements are organized into 6 main categories. To be fully compliant, an organization must satisfy all 12 requirements.
- Maintain a Secure Network: Requirements 1 and 2
  - Install and maintain a firewall configuration to protect cardholder data
  - Do not use vendor-supplied defaults for system passwords and other security parameters
- Protect Cardholder Data: Requirements 3 and 4
  - Protect stored cardholder data
  - Encrypt transmission of cardholder data across open, public networks
- Maintain a Vulnerability Management Program: Requirements 5 and 6
  - Use and regularly update anti-virus software
  - Develop and maintain secure systems and applications
- Implement Strong Access Controls: Requirements 7, 8, and 9
  - Restrict access to cardholder data by business need-to-know
  - Assign a unique ID to each person with computer access
  - Restrict physical access to cardholder data
- Regularly Monitor and Test Networks: Requirements 10 and 11
  - Track and monitor all access to network resources and cardholder data
  - Regularly test security systems and processes
- Maintain an Information Security Policy: Requirement 12
  - Maintain a policy that addresses information security
Source: PCI Security Standards version 1.1
Do I need to be PCI Compliant?
Any company that accepts, processes, or stores credit card information MUST be PCI compliant. This also includes companies that provide services to merchants, service providers or members that control or could impact the security of cardholder data. Examples include managed service providers that provide managed firewalls, IDS and other services, as well as hosting providers and other entities. Entities such as telecommunications companies that only provide communication links without access to the application layer of the communication link are excluded.
What happens if my site isn't PCI Compliant?
Failure to comply with the PCI security standards may result in heavy fines, restrictions or permanent expulsion from card acceptance programs.
manageNET can help you achieve PCI DSS Compliance
PCI DSS compliance is a complex chain of responsibilities involving your processes, applications and managed service providers to ensure that your cardholder-related transactions are secure.
The Payment Card Industry (PCI) Data Security Standard is widely regarded as an essential part of conducting business securely on the Web, so it is important to make sure every part of your site, including PCI Compliant Hosting, meets standards incorporating security protocols before you go live with any payment acceptance.
The PCI standards incorporating PCI Compliant Hosting have grown more demanding in recent years, so it helps to partner with a service provider that can truly help you comply with every part of the code. Here at manageNET you get some of the most comprehensive PCI services available, including secure infrastructure and dedicated customisation on account set-up. The servers here incorporate some of the most modern options available, offering airtight security and speedy verification to ensure every part of a transaction is conducted with the proper certificates in place. IP logging and encrypted data transmission help complete the picture of a hosting service designed for years of secure use.
manageNET provisions infrastructure that exceeds the credit card industry's safety standards for PCI Compliant Hosting.
Please don't hesitate to contact the experts at manageNET if you want to learn more about PCI compliance and understand the difference we make to ensure your applications adhere to requirements.