
Accommodation is NOT a PCI Compliant Hosting Provider

 
What is PCI compliance?

The PCI (Payment Card Industry) compliance standard was created by major credit card issuers to protect personal information and ensure security when transactions are processed using a payment card. Members of the Payment Card Industry (financial institutions, issuers of credit cards and merchants) must comply with these standards if they accept credit cards as payment. Failure to comply with these standards can result in fines from credit card companies, and even the loss of the ability to process credit cards. There are six categories of PCI standards which must be met for a retailer to be considered PCI Compliant.

1. Maintain a secure network

The network on which transactions take place must be secured. For an online business, the point of vulnerability under this standard is the web server itself. Here, the hosting company must take responsibility for making the network secure.

2. Protect cardholder data

This category focuses on how cardholder data is stored and transmitted, and on ways to protect that data, such as encryption. Online businesses must pay close attention to how cardholder data is transmitted, because during transmission the data travels over the Internet. The data must be encrypted with at least a 128-bit SSL certificate to meet this standard.

3. Maintain a vulnerability management program

This category covers systems maintenance. Exposure to vulnerabilities can be minimized by regularly updating computer hardware, operating systems, software and anti-virus software, and by running virus scans regularly.

4. Implement rigorous access control measures

Part of meeting PCI compliance is limiting access to cardholder data to those persons who need to use it.

5. Regularly monitor and test networks

Networks where cardholder data is located must be monitored and tested regularly. Regular scans of security measures and processes, and monitoring of network access to cardholder data, are required to meet this standard.

6. Maintain an information security policy

Produce and implement a security policy for the company to ensure that employees know and understand their responsibilities regarding cardholder data.

Within these six categories are 12 requirements that address particular issues that are directly related to the security of web applications:

1. Install and maintain a firewall configuration to protect cardholder data
2. Do not use vendor-supplied defaults for system passwords and other security parameters
3. Protect stored cardholder data
4. Encrypt transmission of cardholder data across open, public networks
5. Use and regularly update anti-virus software
6. Develop and maintain secure systems and applications
7. Restrict access to cardholder data by business need to know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data
10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes
12. Maintain a policy on information security

Since compliance with the Payment Card Industry (PCI) Data Security Standard is increasingly demanded by discerning, tech-savvy clients, it is important that your hosting provider is able to offer PCI Compliant Hosting.

PCI Compliant Hosting providers have grown in importance as a growing scale of financial transactions takes place online. At BNS we implement the main aspects of the PCI standards so that our hosting services meet the PCI standard. Physical and logical barriers are in place to secure data and to restrict access to servers to those persons who are properly authenticated and authorized.

BNS Hosting employs measures such as security certificates, encrypted communications, IP access control lists, full audit logs and physical access control using biometrics.

How to make your website PCI Compliant?

Step 1: Find the level of PCI Compliance needed:

Level 1: Merchants which process over 6 million annual transactions or have already suffered an attack resulting in compromised data

Level 2: Merchants which process between 150,000 and 6,000,000 annual transactions

Level 3: Merchants who handle between 20,000 and 150,000 annual transactions

Level 4: Merchants which process less than 20,000 annual transactions

The requirements for each level are as follows:

Level 1: Annual on-site security audit and quarterly network security scan.

Level 2 and 3: Annual self-assessment questionnaire and quarterly scan by a PCI Approved Scanning Vendor

Level 4: No need to report compliance but must maintain compliance

Step 2: Engage a PCI Approved Scanning Vendor to have your Web site scanned for vulnerabilities. Make sure to continue scanning on a quarterly basis.

Step 3: Report your PCI compliance by sending the scan report and self-assessment to your bank.

Feel free to contact the team at bnshosting.net about your PCI compliant hosting needs, or visit our website http://www.bnshosting.net and talk to our expert hosting solution advisors online.
