Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


01:00 PM
Dark Reading
Dark Reading
Products and Releases

FireHost Fuses Security and Compliance in Unique Compliance-as-a-Service Offering

CaaS Solution Helps PCI-, HIPAA-driven Companies Reduce Risk By Addressing Compliance in the Industry's Most Secure Cloud

Dallas, TX – September 8, 2014 - To help businesses protect their data and exceed PCI, HIPAA, and other regulatory requirements, secure cloud leader FireHost has announced the most complete compliance-as-a-service (CaaS) offering, making the fast-growing company the only cloud provider in the industry to deliver such a service.

Customers using FireHost CaaS have the unique ability to host critical data while addressing compliance requirements within the industry’s most secure cloud infrastructure -- all without buying or integrating appliances or software. FireHost CaaS addresses gap analysis, remediation, auditing, security and compliance monitoring, incident response, and forensics. Businesses can offload compliance and security work to full-time experts, which is important as attack methods and regulatory requirements change. Businesses avoid the inefficiency of dealing with multiple vendors, auditors, and technology integration while reducing compliance scope. Simply put, using CaaS puts businesses in much better position to protect their sensitive data.

Key Highlights and Customer Benefits

  • To deliver CaaS, FireHost has partnered with IT governance, risk, and compliance leader Coalfire as an independent third party.
  • FireHost’s CaaS provides tailored guidance on a business’ compliance requirements, rather than the one-size-fits-all suggestions from other providers.
  • Companies will be able to purchase CaaS solutions for PCI, HIPAA, or both, helping them to mitigate risk and protect their brands, complete audits more quickly while reducing the cost to achieve compliance, and gain access to FireHost’s security and compliance experts.
  • Because Coalfire regularly audits and validates FireHost and many of its customers, the partnership will reduce the cost, complexity and length of audits for FireHost customers.
  • FireHost CaaS also includes a range of professional services, such as gap analysis, penetration testing, and audit via referral to compliance partners like Coalfire.
  • Earlier this year, FireHost was one of the first cloud providers to achieve PCI 3.0 compliance.
  • The company was also acknowledged for its security specialization when it was named the specialty leader in Gartner’s Magic Quadrant on Cloud-Enabled Managed Hosting.


Craig Witsoe, CEO | Elo Touch Solutions
“Compliance and security must be addressed together as integrated disciplines – there are too many public examples where one without the other has resulted in a costly data breach. Elo worked together with FireHost and Coalfire during development of our PayPoint all-in-one cash register. Our retail point-of-sale (POS) customers want a cloud-based solution that is fully integrated and easy to use with rigorous compliance testing and security investments to better protect shopper transactions. FireHost highlights how they build security directly into their core cloud platform; and Coalfire focuses on the independent compliance audit, risk assessment, and validation required for PCI DSS and PCI PA-DSS payment application security standards.”

Jim Lewandowski, CEO | FireHost
“Data breaches and hacks present a constant threat for businesses, especially for those handling regulated data. The FireHost CaaS and our work with Coalfire are significant because it makes security and compliance easier, faster, and more affordable. Businesses don’t have capital expenses or integration headaches with CaaS – we take care of the complex security product integration, and we provide our customers the best secure cloud, all supported by industry-leading security professionals.”

Kurt Hagerman, CISO | FireHost
“As HIPAA and PCI evolve, many organizations don’t have staff, budget, technologies, or time to treat compliance and security as a strategic initiative. FireHost’s CaaS offering helps protect data while simplifying compliance. It will help our customers reduce risk and avoid costs through a smaller remediation footprint and reduced technology needs. Because all of these services are integrated and delivered by a single provider, customers can focus on their business and leave security and compliance to full-time specialists and experts like us.”

Rick Dakin, CEO | Coalfire
“We see FireHost as a service provider that goes well beyond compliance in offering secure cloud solutions. The significant investment made by FireHost can be leveraged by a wide range of clients in the healthcare, retail and financial services sectors. The company’s compliance-as-a-service ‘DNA’ provides an environment that’s been designed from the bottom up to be secure. We’re thrilled to be an integral part of this next-generation of cloud services.”

About FireHost
FireHost offers the most secure, managed cloud IaaS available, protecting sensitive data and brand reputations of some of the largest companies in the world. With private, cloud infrastructure built for security, compliance, performance and managed service, responsible businesses choose FireHost to reduce risk and improve the collection, storage and transmission of their most confidential data.

Follow FireHost on:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-01-25
The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of Medi...
PUBLISHED: 2021-01-25
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the ...
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...
PUBLISHED: 2021-01-25
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting