Making your Website PCI Compliant

PRLog (Press Release) – Jul 09, 2008 – The Payment Card Industry (PCI)’s Data Security Standard is increasingly being demanded by tech savvy clients, so it is important that your hosting provider is able to offer PCI Compliant Hosting.

PCI Compliant Hosting providers have grown in importance as the scale of financial transactions are more and more being done online. At BNS we implement the major aspects of PCI standards to make these PCI standard hosting services. Both physical and logical barriers are in place to restrict access and secure data to only those individuals that are properly authenticated and authorized to access the servers.

We employ things like certificate based security, encrypted communications,  IP access control list, full audit entry logs and physical access control measures that employ biometrics.

How to make your website PCI Compliant?

Step 1: Find out the level of PCI Compliance needed:

Level 1: Merchants which process over 6 million annual transactions or have already suffered an attack resulting in compromised data·  

Level 2: Merchants which process between 150,000 to 6 million annual transactions

Level 3: Merchants which process between 20,000 and 150,000 annual transactions

Level 4: Merchants which process less than 20,000 annual transactions

The requirements for each level are:

Level 1: Annual on-site security audit and quarterly network security scan.

Level 2 and 3: Annual self assessment questionnaire and quarterly scan by an approved PCI scanning vendor

Level 4: No need to report compliance but must maintain compliance

Step 2: Engage a PCI approved scanning vender to have your Web site scanned for vulnerabilities.  Be sure to continue the scanning on a quarterly basis.

Step 3: Report your compliance by sending the PCI scan and self-assessment to your merchant bank.

Feel free to contact us about your PCI compliant hosting requirements at team[@]bnshosting.net or visit our site http://www.bnshosting.net.