Enhanced web server security with PCI compliant hosting

Did you know that all merchants that process credit cards online must adhere to the Payment Card Industry Data Security Standards (PCI-DSS)?

We help you on your way towards PCI compliance by applying the current security best-practices and server hardening recommendations.

What is the PCI-DSS?

The PCI Data Security Standards is a set of standards and measurements designed to enhance payment card data security and help organizations ensure the safe handling of cardholder information.

Do I need to care?

Yes! Currently, credit card brands like Visa and MasterCard require all merchants and service providers that process, store or transmit cardholder data to be validated according to the PCI-DSS.

Where do I start?

To become PCI compliant you must successfully pass a vulnerability scan from an approved scanning vendor, and fill out the Self-Assessment Questionnaire. Click here for more information.

How does ProperHost help with PCI compliance?

See how we address each of the 12 requirements specified in the PCI Data Security Standard

1. Install and maintain a firewall configuration to protect cardholder data
Managed Firewall
ProperHost applies stringent firewall rules that inspects and filter any unwanted traffic from the network, such as port sniffing attempts or packet flood attacks.
2. Do not use vendor-supplied defaults for system passwords and other security parameters
Strong Password Policy
All ProperHost servers enforce a strong password policy to ensure user accounts and system services are not using weak passwords that can easily be cracked.
3. Protect stored cardholder data
Token-Based Payment System

It is your responsibility to implement this requirement.

Note: We do not recommend storing credit card information directly in your database. Instead, use a token-based payment system where sensitive card details are stored remotely with the payment processor provider.

4. Encrypt transmission of cardholder data across open, public networks
SSL Certificates
ProperHost offers highly secure SSL certificates from the leading and most trusted SSL issuers in the industry. Domain Validated (DV), Organization Validated (OV), and Extended Validation (EV) SSL certificates are available.
5. Use and regularly update anti-virus software on all systems commonly affected by malware
Managed Anti-Virus and Web Application Firewall
ProperHost provides advanced Anti-Virus and Web Application Firewall toolkits for real-time web application monitoring and protection against malware and common security exploits.
6. Develop and maintain secure systems and applications
Automatic Security Updates and Kernel Patches
We offer automatic rebootless kernel updates through KernelCare by CloudLinux, which automatically applies new security patches and keeps your server protected against known vulnerabilities. The Mod Security web application firewall is installed and updated with the latest security rule set and PHP is secured by Suhosin, an extension which adds several patches to the PHP core and includes numerous other protections.
7. Restrict access to cardholder data by business need-to-know
Granular Access Control and "Least Privilege" Principle
Through the ProperHost control panel, you can create accounts and assign privileges to only the users that should have access to a particular system or service, such as the FTP or database server. Restrict access by IP address or public-key authentication to further restrict who can access your server.
8. Assign a unique ID to each person with computer access This requirement is covered by requirement 7.
9. Restrict physical access to cardholder data
Data Center Security
The ProperHost servers are located in a state-of-the-art data center with SSAE-16/SAS-70 Type II certifications and SOC 1 Type 2 audit. Our facility conforms to the highest level of security, including 24/7 on-site security guards, interior and exterior camera surveillance, keycard locks and biometric palm scanner to restrict the access of unauthorized personnel.
10. Track and monitor all access to network resources and cardholder data
Proactive Monitoring and Log Inspection
Our engineers and security experts continuously monitors the server logs for suspicious activity and break-in attempts, and provide expert guidance and investigation in the event of an alleged security breach. Raw access logs are available upon request.
11. Regularly test security systems and processes
Threat Management
ProperHost employs sophisticated Intrusion Detection Systems and various threat mitigation strategies to detect threats and vulnerabilities in real-time. Our highly skilled server engineers are available around-the-clock to immediately investigate and respond to alerts.
12. Maintain a policy that addresses information security It is your responsibility to implement this requirement. It should be part of your organization's security policy.

Remember that simply hosting with ProperHost doesn't automatically make you PCI-compliant. And while technologies can help in your efforts toward PCI compliance, tools like Firewalls, Intrusion Detection Systems and Log Management appliances are only as effective as the people and processes in place to install and manage them.