The Payment Card Industry (PCI)’s Data Security Standard is increasingly being demanded by tech savvy clients, so it is important that your hosting provider is able to offer PCI Compliant Hosting.
PCI Compliant Hosting providers have grown in importance as the scale of financial transactions are more and more being done online. At BNS we implement the major aspects of PCI standards to make these PCI standard hosting services. Both physical and logical barriers are in place to restrict access and secure data to only those individuals that are properly authenticated and authorized to access the servers.
We employ things like certificate based security, encrypted communications, IP access control list, full audit entry logs and physical access control measures that employ biometrics.
How to make your website PCI Compliant?
Step 1: Find out the level of PCI Compliance needed:
- Level 1: Merchants which process over 6 million annual transactions or have already suffered an attack resulting in compromised data·
- Level 2: Merchants which process between 150,000 to 6 million annual transactions
- Level 3: Merchants which process between 20,000 and 150,000 annual transactions
- Level 4: Merchants which process less than 20,000 annual transactions
The requirements for each level are:
- Level 1: Annual on-site security audit and quarterly network security scan.
- Level 2 and 3: Annual self assessment questionnaire and quarterly scan by an approved PCI scanning vendor
- Level 4: No need to report compliance but must maintain compliance
Step 2: Engage a PCI approved scanning vender to have your Web site scanned for vulnerabilities. Be sure to continue the scanning on a quarterly basis.
Step 3: Report your compliance by sending the PCI scan and self-assessment to your merchant bank.
If you want to know more about PCI standards:
Feel free to contact us about your PCI compliant hosting requirements