manageNET

PCI Compliant Hosting

manageNET can help you achieve PCI DSS Compliance

manageNET provisions infrastructure that addresses key criteria as detailed by the credit card industry's safety standards for PCI Compliant Hosting.

PCI DSS compliance is a complex chain of responsibilities involving your processes, applications and managed service providers to ensure that your cardholder-related transactions are secure.

The Payment Card Industry Data Security Standard (PCI DSS) is widely regarded as an essential part of conducting business securely on the Web, so it is important to make sure every part of your site, including PCI Compliant Hosting, meets standards incorporating security protocols before you go live with any payment acceptance.

The PCI standards incorporating PCI Compliant Hosting have grown more demanding in recent years, so it helps to partner with a service provider that can truly help you comply with every part of the code. Here at manageNET you get some of the most comprehensive PCI services available, including secure infrastructure and dedicated customisation on account set-up. The servers here incorporate some of the most modern options available, offering airtight security and speedy verification to ensure every part of a transaction is conducted with the proper certificates in place. IP logging and encrypted data transmission help complete the picture of a hosting service designed for years of secure use.

The PCI Security Standards Council is an open global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.

What is Payment Card Industry (PCI) Compliance?

Payment Card Industry (PCI) Compliance is a set of security standards that were created by the major credit card companies (American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International) to protect their customers from increasing identity theft and security breaches.

The 12 PCI DSS requirements are organized into 6 main categories. To be fully compliant, an organization must satisfy all 12 requirements.

  • Maintain a Secure Network: Requirements 1 and 2
    • Install and maintain a firewall configuration to protect cardholder data
    • Do not use vendor-supplied defaults for system passwords and other security parameters
  • Protect Cardholder Data: Requirements 3 and 4
    • Protect stored cardholder data
    • Encrypt transmission of cardholder data across open, public networks
  • Maintain a Vulnerability Management Program: Requirements 5 and 6
    • Use and regularly update anti-virus software
    • Develop and maintain secure systems and applications
  • Implement Strong Access Controls: Requirements 7, 8, and 9
    • Restrict access to cardholder data by business need-to-know
    • Assign a unique ID to each person with computer access
    • Restrict physical access to cardholder data
  • Regularly Monitor and Test Networks: Requirements 10 and 11
    • Track and monitor all access to network resources and cardholder data
    • Regularly test security systems and processes
  • Maintain an Information Security Policy: Requirement 12
    • Maintain a policy that addresses information security

Do I need to be PCI Compliant?

Any company that accepts, processes, or stores credit card information MUST be PCI compliant. This also includes companies that provide services to merchants, service providers or members that control or could impact the security of cardholder data. Examples include managed service providers that provide managed firewalls, IDS and other services as well as hosting providers and other entities. Entities such as telecommunications companies that only provide communication links without access to the application layer of the communication link are excluded.

What happens if my site isn't PCI Compliant?

Failure to comply with the PCI security standards may result in heavy fines, restrictions or permanent expulsion from card acceptance programs.

Please don't hesitate to contact the experts at manageNET if you want to learn more about PCI compliance and understand the difference we make to ensure your applications adhere to requirements.


PCI Compliant Hosting Services

manageNET offers various services to merchants, application developers and other service providers. Services range from simple to complex; from shared space on a server to a whole range of physical and virtual hosting options that meet the stringent requirements applicable to a PCI compliant hosting environment.

Let us help you achieve compliance

Our physical security policies, disaster prevention and protection plans, fiber capacity and core IP network and bandwidth facilities, environmental controls and conditioned power were configured to create a world-class hosting facility. At manageNET we will clearly articulate and design a solution that fits your immediate requirements and can scale to incorporate additional capacity, and we work with your assigned QSA to ensure your total solution meets the Payment Card Industry compliance requirements.

Who needs PCI?

PCI applies to ALL organizations or merchants, regardless of size or number of transactions, that accept, transmit or store any cardholder data. Said another way, if any customer of that organization ever pays the merchant directly using a credit card or debit card, then the PCI DSS requirements apply.
