Cardholder Security - PCI Data Security Compliance

The Website Source Data Center - a benchmark for other hosting companies to follow:
Data Center -> Infrastructure -> Cisco Security -> DDoS Protection > PCI Compliance

We Take PCI Compliance Seriously. Very Seriously.

Visa, MasterCard and other plastic means of payment require member service providers (site owners) to demonstrate that cardholder information is safe by adhering to a set of PCI (Payment Card Industry) security standards. If you aren’t up to speed on these security standards, you can learn more by reading up on MasterCard’s “Site Data Protection” (SDP) program or Visa’s “Cardholder Information Security Program” (VisaCISP). Both provide detailed compliance procedures, rules and regs that must be followed in order to remain an MSP – member service provider.

Let’s face it, if you can’t accept credit card payments, you’re effectively out of business.

The Security Problem

It’s a jungle out there with hackers, crackers, war drivers and other black hats all trying to access critical customer data – your customer data. Why you? Because these bad guys know that commercial sites are collection points for sensitive personal info so if identity theft is the objective, what better place to start than a repository for this information – in one place and even alphabetized. How convenient.

Personal information is at the highest risk when being transmitted from customer to MSP or MSP to the PCI source that supports your merchant accounts. Additional hacker dangers exist within systems that use no or weak encryption and small businesses that store customer information on a single computer in the spare room. These are easy targets for experienced hackers and script-kiddies who can download cracker software from the Internet – free and fast – and disrupt your business and rip you off in 10 minutes.

Clever hackers have even discovered how to access unsecured data centers and refund money back to themselves. That could wipe out your bank account in even less time.

It’s a serious problem and one Website Source takes very seriously.

Website Source Stands Guard

What steps have been taken?

• First, we utilize numerous layers of server security, with redundancies throughout the Website Source network.
• We employ one of the best vulnerability evaluation service firms to monitor our network for compliance with all PCI Data Security Standards. This PCI Certification firm, which is Master Card certified, conducts thorough security evaluations on our network.

These service sentries provide automated PCI compliance testing and report generation back to the Network Administrators in a comprehensive format, actually pointing out if there are any vulnerabilities.

You can never be 100% secure in an environment that changes as rapidly as the W3, but you can take the necessary precautions to protect the sensitive data entrusted to you by customers. And it just makes sense to do that. After all, if your customer base data is compromised, you’re likely to face PCI sanctions and even be barred from maintaining your member service provider status.

Trust Website Source to deliver the highest levels of testing and security implementation.

At Website Source, you’re data is secure because our network is covered for PCI compliance.