We help you on your way towards PCI compliance by applying the current security best-practices and server hardening recommendations.
The PCI Data Security Standard (PCI DSS) is a set of requirements designed to enhance payment card data security and help organizations handle cardholder information safely.
Yes. Card brands such as Visa and MasterCard require every merchant and service provider that processes, stores or transmits cardholder data to validate compliance with PCI DSS.
What validation involves depends on your merchant level and on how you handle card data. For most smaller merchants it means completing the applicable Self-Assessment Questionnaire (SAQ) and, where that SAQ requires it, passing quarterly external vulnerability scans performed by a PCI-approved scanning vendor (ASV).
1. Install and maintain a firewall configuration to protect cardholder data
Managed Firewall: ProperHost applies strict firewall rules that inspect and filter unwanted traffic at the network edge, such as port scans and packet-flood (denial-of-service) attempts.
2. Do not use vendor-supplied defaults for system passwords and other security parameters
Strong Password Policy: all ProperHost servers enforce a strong password policy so that user accounts and system services are not protected by weak, easily cracked passwords. Default credentials shipped with software you install yourself (control panels, databases, applications) remain your responsibility to change.
3. Protect stored cardholder data
Token-Based Payment System: it is your responsibility to implement this requirement.
Note: we do not recommend storing credit card information in your own database at all. Use a token-based payment system, in which the payment processor stores the sensitive card details and your application keeps only the token the processor returns, together with non-sensitive data such as the last four digits and the expiry date for display. This keeps full account numbers out of your environment and substantially reduces your PCI DSS scope.
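One way to enforce the token-only rule described in the note above is to validate every payment record before it is persisted, rejecting anything that carries a full account number. The following is an added example written for this page, not ProperHost's code or any processor's SDK. The field names (`token`, `last4`, `expiry`, `brand`), the sample records and the token strings are assumptions; the PAN detector combines a 13-19 digit pattern with the Luhn check that card numbers satisfy, which is the standard heuristic DLP tools use.

```python
import re

# Constructed example data. 4111111111111111 is the well-known Visa test
# number published in card-brand sandbox documentation, not a real account.
SAMPLE_RECORDS = [
    {"token": "tok_example_9f8e7d", "last4": "1111", "expiry": "12/27",
     "brand": "visa", "note": "customer opted in to saved card"},
    {"token": "tok_example_c3b2a1", "last4": "1111", "expiry": "12/27",
     "brand": "visa", "note": "agent pasted card 4111 1111 1111 1111 here"},
]

# 13-19 digits, optionally separated by single spaces or dashes, and not
# embedded in a longer run of digits (which would not be a card number).
PAN_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

# Fields a tokenized record is allowed to carry; everything else is dropped
# before storage so stray card data cannot ride along in free-text fields.
ALLOWED_FIELDS = {"token", "last4", "expiry", "brand"}


def luhn_valid(digits):
    """Luhn mod-10 check that all major card brands' account numbers satisfy."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_pans(text):
    """Return digit strings in text that look like primary account numbers."""
    hits = []
    for m in PAN_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if 13 <= len(digits) <= 19 and luhn_valid(digits):
            hits.append(digits)
    return hits


def check_payment_record(record):
    """Return a list of problems; an empty list means the record is safe to store."""
    problems = []
    for field in ALLOWED_FIELDS:
        if field not in record:
            problems.append(f"missing field {field!r}")
    if not re.fullmatch(r"\d{4}", str(record.get("last4", ""))):
        problems.append("last4 must be exactly four digits")
    for field, value in record.items():
        if find_pans(str(value)):
            problems.append(f"field {field!r} contains a full account number")
    return problems


def safe_payment_record(record):
    """Return the tokenized subset of record, or raise if it must not be stored."""
    problems = check_payment_record(record)
    if problems:
        raise ValueError("; ".join(problems))
    return {field: record[field] for field in ALLOWED_FIELDS}


if __name__ == "__main__":
    for rec in SAMPLE_RECORDS:
        try:
            print("stored:", safe_payment_record(rec))
        except ValueError as exc:
            print("rejected:", exc)
```

The Luhn check filters out most order numbers and phone numbers that happen to be 13-19 digits long, but a Luhn-valid non-card number will still be flagged; treat a rejection as "a human must look at this", not as proof of a breach.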
4. Encrypt transmission of cardholder data across open, public networks
SSL/TLS Certificates: ProperHost offers SSL/TLS certificates from the leading and most trusted certificate authorities in the industry. Domain Validated (DV), Organization Validated (OV) and Extended Validation (EV) certificates are available. Note that PCI DSS requires strong cryptography for the connection itself, so the server must also be configured to use current TLS versions and cipher suites; a certificate on its own does not satisfy this requirement.
5. Use and regularly update anti-virus software on all systems commonly affected by malware
Managed Anti-Virus and Web Application Firewall: ProperHost provides anti-virus and web application firewall toolkits for real-time web application monitoring and protection against malware and common exploits.
6. Develop and maintain secure systems and applications
Automatic Security Updates and Kernel Patches: we offer automatic rebootless kernel updates through KernelCare by CloudLinux, which applies new kernel security patches as they are released and keeps the server protected against known vulnerabilities. The ModSecurity web application firewall is installed and kept updated with the latest rule set, and PHP is hardened with Suhosin, an extension that patches the PHP core and adds numerous runtime protections (Suhosin was written for the PHP 5 series, so on current PHP releases rely on up-to-date PHP packages and ModSecurity instead). Keeping your own application code and its dependencies patched remains your responsibility.
7. Restrict access to cardholder data by business need-to-know
Granular Access Control and the "Least Privilege" Principle: through the ProperHost control panel you create separate accounts and grant each user only the privileges needed for the systems or services they work with, such as the FTP or database server. Access can be further restricted by source IP address or by requiring public-key authentication.
8. Assign a unique ID to each person with computer access
This requirement is met with the same per-user accounts described under requirement 7: give every person their own account and never share logins, so that every action recorded in the logs can be attributed to an individual.
9. Restrict physical access to cardholder data
Data Center Security: ProperHost servers are located in a data center with SSAE 16 (formerly SAS 70) Type II certification and a SOC 1 Type 2 audit. The facility conforms to a high level of physical security, including 24/7 on-site security guards, interior and exterior camera surveillance, keycard locks and biometric palm scanners to keep unauthorized personnel out.
10. Track and monitor all access to network resources and cardholder data
Proactive Monitoring and Log Inspection: our engineers and security experts continuously monitor the server logs for suspicious activity and break-in attempts, and provide expert guidance and investigation in the event of a suspected security breach. Raw access logs are available on request. Application-level logging of access to cardholder data (who viewed or changed which record) is yours to implement.
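To make the "suspicious activity and break-in attempts" of requirement 10 concrete, here is a small log inspector of the kind a practitioner would run over sshd authentication logs. It is an added example written for this page, not ProperHost's monitoring tooling. The log lines are constructed (documentation IP ranges, made-up PIDs), and the threshold of five failures within a five-minute window and the assumed log year are choices made for the example. It flags two patterns: a burst of failed logins from one source, and a successful login from a source that had already been failing, which is the case that most needs a human to look at it.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample lines in the syslog format sshd uses; not real traffic.
SAMPLE_LOG = """\
Mar  3 10:15:01 web1 sshd[2211]: Failed password for root from 203.0.113.45 port 51122 ssh2
Mar  3 10:15:04 web1 sshd[2213]: Failed password for invalid user admin from 203.0.113.45 port 51130 ssh2
Mar  3 10:15:07 web1 sshd[2215]: Failed password for root from 203.0.113.45 port 51141 ssh2
Mar  3 10:15:11 web1 sshd[2218]: Failed password for invalid user oracle from 203.0.113.45 port 51150 ssh2
Mar  3 10:15:14 web1 sshd[2220]: Failed password for root from 203.0.113.45 port 51163 ssh2
Mar  3 10:15:20 web1 sshd[2224]: Accepted password for deploy from 203.0.113.45 port 51190 ssh2
Mar  3 10:16:02 web1 sshd[2230]: Failed password for deploy from 198.51.100.7 port 40011 ssh2
Mar  3 10:16:09 web1 sshd[2233]: Accepted publickey for deploy from 192.0.2.10 port 40100 ssh2
"""

# Syslog timestamps carry no year; this value is an assumption for the example.
ASSUMED_YEAR = 2024

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>password|publickey) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse_events(lines):
    """Turn matching sshd lines into (timestamp, result, user, ip) tuples."""
    events = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # unrelated sshd or other daemon line
        stamp = re.sub(r"\s+", " ", m["ts"])
        ts = datetime.strptime(f"{ASSUMED_YEAR} {stamp}", "%Y %b %d %H:%M:%S")
        events.append((ts, m["result"], m["user"], m["ip"]))
    return events


def inspect_auth_log(log_text, threshold=5, window_seconds=300):
    """Return (ip, kind, detail) alerts for brute-force bursts and
    for successful logins from a source that was already failing."""
    events = sorted(parse_events(log_text.splitlines()))
    failures = defaultdict(list)   # ip -> timestamps of failed attempts
    alerts = []
    for ts, result, user, ip in events:
        if result == "Failed":
            failures[ip].append(ts)
            recent = [t for t in failures[ip]
                      if (ts - t).total_seconds() <= window_seconds]
            if len(recent) == threshold:  # alert once when the burst is reached
                alerts.append((ip, "brute-force",
                               f"{threshold} failed logins within {window_seconds}s"))
        elif failures[ip]:
            alerts.append((ip, "success-after-failures",
                           f"user {user!r} accepted after {len(failures[ip])} failures"))
    return alerts


if __name__ == "__main__":
    for ip, kind, detail in inspect_auth_log(SAMPLE_LOG):
        print(f"{ip:15} {kind:24} {detail}")
```

The single failed attempt from 198.51.100.7 produces no alert; a threshold keeps the output actionable rather than a copy of the log. In production you would feed this from the live journal or an `auth.log` tail, key the brute-force counter on source IP and target account, and ship alerts to whoever is on call rather than printing them.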
11. Regularly test security systems and processes
Threat Management: ProperHost employs intrusion detection systems and various threat-mitigation strategies to detect threats and vulnerabilities in real time. Our server engineers are available around the clock to investigate and respond to alerts. The quarterly external vulnerability scans by an approved scanning vendor mentioned above are separate from this and remain your responsibility to arrange.
12. Maintain a policy that addresses information security
It is your responsibility to implement this requirement; it should be part of your organization's written security policy.
Remember that simply hosting with ProperHost does not automatically make you PCI compliant. Technology helps, but tools such as firewalls, intrusion detection systems and log management appliances are only as effective as the people and processes in place to install, manage and act on them.