PCI Compliant Web Hosting Service

If your business is accepting credit cards online, you NEED to be PCI DSS compliant. But, what exactly is PCI DSS compliance and how can you be sure that you are compliant?

First, let’s start with the big question: What is PCI Compliance?

To be PCI compliant means you follow all the rules set by the PCI Security Standards Council (PCI SSC). The council was created by major credit card companies. Their goal is to set standards for the way businesses store, process, and send credit card data.

Businesses that are compliant with PCI DSS standards have tight security around the storage, transmission, and processing of card data. Then further monitoring, testing, and reporting are required.

PCI Compliance Checklist

This is a high-level overview of what it takes to be PCI compliant. Taken from the PCI SSC Quick Reference Guide

Install and maintain a firewall and router configuration to protect
cardholder data.
Do not use vendor-supplied defaults for system passwords and other security parameters.
Protect stored cardholder data.
Encrypt transmission of cardholder data across open, public networks.
Use and regularly update anti-virus software.
Develop and maintain secure systems and applications.
Restrict access to cardholder data by business need-to-know.
Assign a unique ID to each person with computer access.
Restrict physical access to cardholder data.
Track and monitor all access to network resources and cardholder data.
Regularly test security systems and processes.
Maintain a policy that addresses information security.

What is PCI Compliant Web Hosting?

PCI DSS Compliant Web Hosting means the servers, network, software, and processes all follow the 12 standards mentioned above. While most VPS and dedicated servers are PCI compliant, most shared hosting providers are not PCI compliant.

Host Little is one of the few companies offering PCI compliant shared hosting.