Compliance Hosting

Hosting for Customers Subject to PCI Compliance

Connectria provides Managed Hosting Services for many customers who accept, process or store credit card information and are required to comply with PCI data security standards. Our world-class data centers and secure hosting services have been a key component in helping customers such as David’s Bridal, Rhode Island School of Design and Braspag achieve PCI compliance.

The Payment Card Industry Data Security Standard (PCI DSS) is a worldwide information security standard assembled by the Payment Card Industry Security Standards Council. The standard was created to help organizations that process card payments prevent credit card fraud through increased controls around data and its exposure to compromise.

The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.

Connectria's Dedicated "Data Center within a Data Center" approach to Managed Hosting Services helps customers meet many of the PCI DSS requirements, including but not limited to the following:

Build and Maintain a Secure Network

  • Dedicated firewall support with enhanced security rules for secured SSH & Remote Desktop connections
  • Automatic server password expirations & automatic SSH & Remote Desktop timeouts

Protect Cardholder Data

  • Disk-based data encryption support
  • Offsite encrypted tape backups with offsite tape rotations to a secure 3rd party facility
  • Data destruction before electronic media is reused or discarded

Maintain a Vulnerability Management Program

  • Virus, Worm, Trojan & Malware protection
  • Managed Operating System security patches and updates

Implement Strong Access Control Measures

  • Recording of data movement on electronic media both inside and outside of Connectria's facilities
  • Maintenance records kept for any changes to the physical security of the facility
  • Secure facility access with person-traps, biometric readers and card scanners
  • Mandatory escorting of all outside visitors at all times, with facility access limits strictly enforced

Regularly Monitor and Test Networks

  • Blocking, logging, and customer notification of unauthorized access attempts
  • Detailed audit tracking in most Operating System environments