Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

9/12/2014
01:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

FireHost Fuses Security and Compliance in Unique Compliance-as-a-Service Offering

CaaS Solution Helps PCI-, HIPAA-driven Companies Reduce Risk By Addressing Compliance in the Industry's Most Secure Cloud

Dallas, TX – September 8, 2014 - To help businesses protect their data and exceed PCI, HIPAA, and other regulatory requirements, secure cloud leader FireHost has announced the most complete compliance-as-a-service (CaaS) offering, making the fast-growing company the only cloud provider in the industry to deliver such a service.

Customers using FireHost CaaS have the unique ability to host critical data while addressing compliance requirements within the industry’s most secure cloud infrastructure -- all without buying or integrating appliances or software. FireHost CaaS addresses gap analysis, remediation, auditing, security and compliance monitoring, incident response, and forensics. Businesses can offload compliance and security work to full-time experts, which is important as attack methods and regulatory requirements change. Businesses avoid the inefficiency of dealing with multiple vendors, auditors, and technology integration while reducing compliance scope. Simply put, using CaaS puts businesses in much better position to protect their sensitive data.

Key Highlights and Customer Benefits

  • To deliver CaaS, FireHost has partnered with IT governance, risk, and compliance leader Coalfire as an independent third party.
  • FireHost’s CaaS provides tailored guidance on a business’ compliance requirements, rather than the one-size-fits-all suggestions from other providers.
  • Companies will be able to purchase CaaS solutions for PCI, HIPAA, or both, helping them to mitigate risk and protect their brands, complete audits more quickly while reducing the cost to achieve compliance, and gain access to FireHost’s security and compliance experts.
  • Because Coalfire regularly audits and validates FireHost and many of its customers, the partnership will reduce the cost, complexity and length of audits for FireHost customers.
  • FireHost CaaS also includes a range of professional services, such as gap analysis, penetration testing, and audit via referral to compliance partners like Coalfire.
  • Earlier this year, FireHost was one of the first cloud providers to achieve PCI 3.0 compliance.
  • The company was also acknowledged for its security specialization when it was named the specialty leader in Gartner’s Magic Quadrant on Cloud-Enabled Managed Hosting.

Quotes

Craig Witsoe, CEO | Elo Touch Solutions
“Compliance and security must be addressed together as integrated disciplines – there are too many public examples where one without the other has resulted in a costly data breach. Elo worked together with FireHost and Coalfire during development of our PayPoint all-in-one cash register. Our retail point-of-sale (POS) customers want a cloud-based solution that is fully integrated and easy to use with rigorous compliance testing and security investments to better protect shopper transactions. FireHost highlights how they build security directly into their core cloud platform; and Coalfire focuses on the independent compliance audit, risk assessment, and validation required for PCI DSS and PCI PA-DSS payment application security standards.”

Jim Lewandowski, CEO | FireHost
“Data breaches and hacks present a constant threat for businesses, especially for those handling regulated data. The FireHost CaaS and our work with Coalfire are significant because it makes security and compliance easier, faster, and more affordable. Businesses don’t have capital expenses or integration headaches with CaaS – we take care of the complex security product integration, and we provide our customers the best secure cloud, all supported by industry-leading security professionals.”

Kurt Hagerman, CISO | FireHost
“As HIPAA and PCI evolve, many organizations don’t have staff, budget, technologies, or time to treat compliance and security as a strategic initiative. FireHost’s CaaS offering helps protect data while simplifying compliance. It will help our customers reduce risk and avoid costs through a smaller remediation footprint and reduced technology needs. Because all of these services are integrated and delivered by a single provider, customers can focus on their business and leave security and compliance to full-time specialists and experts like us.”

Rick Dakin, CEO | Coalfire
“We see FireHost as a service provider that goes well beyond compliance in offering secure cloud solutions. The significant investment made by FireHost can be leveraged by a wide range of clients in the healthcare, retail and financial services sectors. The company’s compliance-as-a-service ‘DNA’ provides an environment that’s been designed from the bottom up to be secure. We’re thrilled to be an integral part of this next-generation of cloud services.”

About FireHost
FireHost offers the most secure, managed cloud IaaS available, protecting sensitive data and brand reputations of some of the largest companies in the world. With private, cloud infrastructure built for security, compliance, performance and managed service, responsible businesses choose FireHost to reduce risk and improve the collection, storage and transmission of their most confidential data.

Follow FireHost on:
http://www.firehost.com
http://www.twitter.com/firehost
http://www.linkedin.com/company/firehost-inc
http://www.facebook.com/FireHost

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
Breaches Are Inevitable, So Embrace the Chaos
Ariel Zeitlin, Chief Technology Officer & Co-Founder, Guardicore,  11/13/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16761
PUBLISHED: 2019-11-15
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the [email protected] npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. All versions >1.0...
CVE-2019-16762
PUBLISHED: 2019-11-15
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to any...
CVE-2019-13581
PUBLISHED: 2019-11-15
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A heap-based buffer overflow allows remote attackers to cause a denial of service or execute arbitrary ...
CVE-2019-13582
PUBLISHED: 2019-11-15
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A stack overflow could lead to denial of service or arbitrary code execution.
CVE-2019-6659
PUBLISHED: 2019-11-15
On version 14.0.0-14.1.0.1, BIG-IP virtual servers with TLSv1.3 enabled may experience a denial of service due to undisclosed incoming messages.