Follow on Google News News By Tag Industry News News By Location Country(s) Industry News
Follow on Google News | BNS Hosting is a PCI Compliant Hosting ProviderPCI (Payment Card Industry) Compliance standards was created by major credit card issuers to protect personal information and ensure security when transactions are processed using a payment card.
By: BNS Hosting PCI (Payment Card Industry) Compliance standards was created by major credit card issuers to protect personal information and ensure security when transactions are processed using a payment card. Members of the Payment Card Industry (financial institutions, credit card companies and merchants) must comply with these standards if they are accepting credit cards as modes of payment. Failure to meet these standards can result to fines from credit card companies and even the loss of the ability to process credit cards. There are six categories of PCI Standards that must be met in order for a retailer to be considered a PCI Compliant. 1. Maintain a secure network An actual network where the transaction is being exposed to, must be secured. In case of an online business, the vulnerability for this standard is the web server itself. In here, the hosting companies must take the responsibility to make the network secure. 2. Protecting Cardholder Data This category focuses on how the cardholder data is stored and transmitted. Ways on how to protect these data are, encryption of data. Online businesses need to be critical of the way the cardholder data is transmitted. Because during the transmission, the data is being sent across the Internet. The data here must be encrypted with at least a 128 bit SSL certificate to meet this standard. 3. Maintaining a Vulnerability Management Program This category means, keeping systems up to date. Vulnerability exposures can be minimized by regularly updating computer hardware, operating systems and software, anti-virus softwares, and regular virus scans. 4. Implementing Strong Access Control Measures Part of meeting PCI Compliance means limiting access to cardholder data to only those persons that need to use it. 5. Regular Monitor and Test Networks Networks where the cardholder data is located must be monitored and tested regularly. Regular scans of security measures and processes, monitoring and tracking of network access to cardholder data are required to satisfy this standard. 6. Maintain an Information Security Policy Making and implementing a security policy for the company to make sure employees know and understand their responsibilities with regards to cardholder data. Within these six categories are 12 requirements that address particular issues and that are directly related to web application security: 1. Install and maintain a firewall configuration to protect cardholder data 2. Do not use vendor-supplied defaults for system passwords and other security parameters 3. Protect stored cardholder data 4. Encrypt transmission of cardholder data across open, public networks 5. Use and regularly update anti-virus software 6. Develop and maintain secure systems and applications 7. Restrict access to cardholder data by business need-to-know 8. Assign a unique ID to each person with computer access 9. Restrict physical access to cardholder data 10. Track and monitor all access to network resources and cardholder data 11. Regularly test security systems and processes 12. Maintain a policy that addresses information security Since Payment Card Industry (PCI)’s Data Security Standard is increasingly being demanded by tech savvy clients, so it is important that your hosting provider is able to offer PCI Compliant Hosting. PCI Compliant Hosting providers have grown in importance as the scale of financial transactions are more and more being done online. At BNS we implement the major aspects of PCI standards to make these PCI standard hosting services. Both physical and logical barriers are in place to restrict access and secure data to only those individuals that are properly authenticated and authorized to access the servers. BNS Hosting employ things like certificate based security, encrypted communications, IP access control list, full audit entry logs and physical access control measures that employ biometrics. How to make your website PCI Compliant? Step 1: Find out the level of PCI Compliance needed: Level 1: Merchants which process over 6 million annual transactions or have already suffered an attack resulting in compromised data· Level 2: Merchants which process between 150,000 to 6 million annual transactions Level 3: Merchants which process between 20,000 and 150,000 annual transactions Level 4: Merchants which process less than 20,000 annual transactions The requirements for each level are: Level 1: Annual on-site security audit and quarterly network security scan. Level 2 and 3: Annual self assessment questionnaire and quarterly scan by an approved PCI scanning vendor Level 4: No need to report compliance but must maintain compliance Step 2: Engage a PCI approved scanning vendor to have your Web site scanned for vulnerabilities. Be sure to continue the scanning on a quarterly basis. Step 3: Report your compliance by sending the PCI scan and self-assessment to your merchant bank. Feel free to contact us about your PCI compliant hosting requirements at team[@]bnshosting.net or visit our site http://www.bnshosting.net and talk to our online expert hosting solution adviser. # # # The only website that offers affordable web hosting, domain names, web design, domain name registration, and the right place to host your small to medium business website or personal website. End
Account Email Address Disclaimer Report Abuse
|