Payment Card Industry (PCI / DSS) Compliance
 |
Read About Our PCI-DSS Solutions (PDF) | |
Read About Our PCI-DSS Compliance (PDF) |
Expedient is one of the very few PCI Level 1 certified collocation service providers.
PCI, as defined by the PCI Security Standards Council including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International, is a set of comprehensive requirements for enhancing payment account data security to help facilitate the broad adoption of consistent data security measures on a global basis.
This group is focused on aligning the security initiatives of each member and ensuring a consistent 'standard of care' to protect card holder data. The result of this collaboration is the PCI Data Security Standard (DSS). PCI/DSS compliance requires security standards of any company processing, storing, or transmitting payment card data must be PCI/DSS compliant. Companies not adhering to the PCI/DSS compliance security standards risk losing their ability to process credit card payments and/or fines.
Expedient has invested significantly in the infrastructure, resources and operations to be one of the few PCI/DSS compliance certified collocation and managed service providers.
Benefits of PCI / DSS Compliance
* Customers rest assured knowing that their data is protected
* Expedient provides ongoing due diligence and quality improvement within their PCI/DSS compliance security security program
* Protect your customer's credit card data
* Protect yourself against contractual and regulatory fines
* Maintaining the credibility and branding of your company
* Quickly deploy a PCI/DSS compliance certified solution
* Reduce your capital costs by using a hosted solution
* Maintain a secure network
Expedient's Connection with PCI / DSS Compliance
Expedient demonstrates a strong commitment to PCI/DSS compliance in order to protect each customer's confidential information. The rigorous and multi-tiered PCI/DSS compliance application process involves 12 requirements that a company must have in order to be PCI compliant. Here are the principles and requirements that make up the PCI/DSS compliance group (taken from pcisecuritystandards.org)
Build and Maintain a Secure Network
Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
Requirement 3: Protect stored cardholder data
Requirement 4: Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
Requirement 5: Use and regularly update anti-virus software
Requirement 6: Develop and maintain secure systems and applications
Implement Strong Access Control Measures
Requirement 7: Restrict access to cardholder data by business need-to-know
Requirement 8: Assign a unique ID to each person with computer access
Requirement 9: Restrict physical access to cardholder data
Regularly Monitor and Test Networks
Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes
Maintain an Information Security Policy
Requirement 12: Maintain a policy that addresses information security
Expedient offers managed services including virtual colocation, remote backups, PCI/DSS compliance, equipment management, storage area networks and more. Our high quality PCI/DSS compliance services enable you to protect customer's credit card data easily. With PCI/DSS compliance services from Expedient, you can reduce capital costs with our hosted solution. For more information about PCI/DSS compliance, download our data sheet today.
