Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

9/12/2014
01:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

FireHost Fuses Security and Compliance in Unique Compliance-as-a-Service Offering

CaaS Solution Helps PCI-, HIPAA-driven Companies Reduce Risk By Addressing Compliance in the Industry's Most Secure Cloud

Dallas, TX – September 8, 2014 - To help businesses protect their data and exceed PCI, HIPAA, and other regulatory requirements, secure cloud leader FireHost has announced the most complete compliance-as-a-service (CaaS) offering, making the fast-growing company the only cloud provider in the industry to deliver such a service.

Customers using FireHost CaaS have the unique ability to host critical data while addressing compliance requirements within the industry’s most secure cloud infrastructure -- all without buying or integrating appliances or software. FireHost CaaS addresses gap analysis, remediation, auditing, security and compliance monitoring, incident response, and forensics. Businesses can offload compliance and security work to full-time experts, which is important as attack methods and regulatory requirements change. Businesses avoid the inefficiency of dealing with multiple vendors, auditors, and technology integration while reducing compliance scope. Simply put, using CaaS puts businesses in much better position to protect their sensitive data.

Key Highlights and Customer Benefits

  • To deliver CaaS, FireHost has partnered with IT governance, risk, and compliance leader Coalfire as an independent third party.
  • FireHost’s CaaS provides tailored guidance on a business’ compliance requirements, rather than the one-size-fits-all suggestions from other providers.
  • Companies will be able to purchase CaaS solutions for PCI, HIPAA, or both, helping them to mitigate risk and protect their brands, complete audits more quickly while reducing the cost to achieve compliance, and gain access to FireHost’s security and compliance experts.
  • Because Coalfire regularly audits and validates FireHost and many of its customers, the partnership will reduce the cost, complexity and length of audits for FireHost customers.
  • FireHost CaaS also includes a range of professional services, such as gap analysis, penetration testing, and audit via referral to compliance partners like Coalfire.
  • Earlier this year, FireHost was one of the first cloud providers to achieve PCI 3.0 compliance.
  • The company was also acknowledged for its security specialization when it was named the specialty leader in Gartner’s Magic Quadrant on Cloud-Enabled Managed Hosting.

Quotes

Craig Witsoe, CEO | Elo Touch Solutions
“Compliance and security must be addressed together as integrated disciplines – there are too many public examples where one without the other has resulted in a costly data breach. Elo worked together with FireHost and Coalfire during development of our PayPoint all-in-one cash register. Our retail point-of-sale (POS) customers want a cloud-based solution that is fully integrated and easy to use with rigorous compliance testing and security investments to better protect shopper transactions. FireHost highlights how they build security directly into their core cloud platform; and Coalfire focuses on the independent compliance audit, risk assessment, and validation required for PCI DSS and PCI PA-DSS payment application security standards.”

Jim Lewandowski, CEO | FireHost
“Data breaches and hacks present a constant threat for businesses, especially for those handling regulated data. The FireHost CaaS and our work with Coalfire are significant because it makes security and compliance easier, faster, and more affordable. Businesses don’t have capital expenses or integration headaches with CaaS – we take care of the complex security product integration, and we provide our customers the best secure cloud, all supported by industry-leading security professionals.”

Kurt Hagerman, CISO | FireHost
“As HIPAA and PCI evolve, many organizations don’t have staff, budget, technologies, or time to treat compliance and security as a strategic initiative. FireHost’s CaaS offering helps protect data while simplifying compliance. It will help our customers reduce risk and avoid costs through a smaller remediation footprint and reduced technology needs. Because all of these services are integrated and delivered by a single provider, customers can focus on their business and leave security and compliance to full-time specialists and experts like us.”

Rick Dakin, CEO | Coalfire
“We see FireHost as a service provider that goes well beyond compliance in offering secure cloud solutions. The significant investment made by FireHost can be leveraged by a wide range of clients in the healthcare, retail and financial services sectors. The company’s compliance-as-a-service ‘DNA’ provides an environment that’s been designed from the bottom up to be secure. We’re thrilled to be an integral part of this next-generation of cloud services.”

About FireHost
FireHost offers the most secure, managed cloud IaaS available, protecting sensitive data and brand reputations of some of the largest companies in the world. With private, cloud infrastructure built for security, compliance, performance and managed service, responsible businesses choose FireHost to reduce risk and improve the collection, storage and transmission of their most confidential data.

Follow FireHost on:
http://www.firehost.com
http://www.twitter.com/firehost
http://www.linkedin.com/company/firehost-inc
http://www.facebook.com/FireHost

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/5/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic
Kelly Jackson Higgins, Executive Editor at Dark Reading,  6/2/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13864
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored XSS by using a crafted payload in custom links.
CVE-2020-13865
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes.
CVE-2020-11696
PUBLISHED: 2020-06-05
In Combodo iTop a menu shortcut name can be exploited with a stored XSS payload. This is fixed in all iTop packages (community, essential, professional) in version 2.7.0 and iTop essential and iTop professional in version 2.6.4.
CVE-2020-11697
PUBLISHED: 2020-06-05
In Combodo iTop, dashboard ids can be exploited with a reflective XSS payload. This is fixed in all iTop packages (community, essential, professional) for version 2.7.0 and in iTop essential and iTop professional packages for version 2.6.4.
CVE-2020-13646
PUBLISHED: 2020-06-05
In the cheetah free wifi 5.1 driver file liebaonat.sys, local users are allowed to cause a denial of service (BSOD) or other unknown impact due to failure to verify the value of a specific IOCTL.