According to Tiny Haynes, research director for Gartner and author of the research note, “Any site that handles credit card information needs to put in place the correct, far-reaching security processes and infrastructure to be PCI DSS compliant.”
He also recommends isolating the payment engine from the rest of the hosted infrastructure via network segmentation to reduce the scope of the PCI DSS requirements, and to “choose service providers that have already certified their operations as being PCI compliant. This will help you save time and resources, since you are obligated to use only PCI-certified providers.” Jed Danner, head of IT development at gotoBilling, agreed. The company, which has built its business model around offering a secure, compliant and easy payment platform, uses FireHost’s Payment Island to protect its customers’ personal and financial information in the cloud. “FireHost understands PCI compliance unlike any other cloud services provider, and that makes a huge difference to our business,” Danner said. “The network design of FireHost’s Payment Island makes it easy for us to keep our clients secure and meeting compliance, which is mandatory for our success.” The PCI DSS 3.0 standard is currently in its final phases of development. The final standard will be published in November and will then become effective Jan. 1, 2014. Although PCI DSS 3.0 becomes effective in January, compliance with 3.0 is not mandatory until January 2015. About FireHost FireHost offers the most secure, manage cloud IaaS available, protecting sensitive data and brand reputations of some of the largest companies in the world. With private, cloud infrastructure built for security, compliance, performance and managed service, responsible businesses choose FireHost to reduce risk and improve the collection, storage and transmission of their most confidential data. FireHost’s secure, managed cloud IaaS is available in Dallas, Phoenix, London and Amsterdam, offer robust, geographically redundant business continuity options across all sites. Based in Dallas, FireHost is the chosen secure private cloud service provider for brands that won't compromise on the security of their payment card, healthcare, and other regulated data. Follow FireHost on: http://www.firehost.com http://www.twitter.com/firehost http://www.linkedin.com/company/firehost-inc. http://www.facebook.com/FireHost Company Contact: Editorial Contact: Cathi Lane Sarah Hawley FireHost Ubiquity Public Relations [email protected] [email protected] +1.877.262.3473 x. 8133 +1.480.292.4640 UK Editorial Contact: Mike Marquiss and Jonathan Mathias Johnson King PR [email protected] + 44 (0) 20 7401 7968 ###