What is PCI DSS V3.2?
PCI is a global standard for the secure handling of payment card industry information such as CCV numbers, PAN numbers, PIN numbers and more. It’s not the law, but it’s where VISA, Mastercard, AMEX, JCB and Discovery draw a line in the sand. If you comply, they are accountable for data breaches. If you don’t, you’re on your own, and with new mandatory breach reporting legislation now in full effect – the stakes have never been higher.
PCI security standards apply to any organisation that accepts, transmits or stores cardholder data, regardless of transaction size or volume or even if they use 3rd party providers. Comparing complex cloud solutions is challenging, so this formal certification gives you a balck-and-white simpe, view of which providers are compliant. And which are not.
The tricky part? 1/3 of small business don’t know it exists. Are you ready?
The Goalposts Keep Moving.
When the latest V3.2 standards launched in June 2016, the entire industry had just 1 quarter to ensure they complied. In January 2018, what were previously best-practice recommendations became hard requirements. Macquarie Cloud Services deliver end-to-end solutions with their own sovereign Australian data centres and 100-strong NV1 certified team, so we are are uniquely placed to deliver secure Cloud solutions. Because risks are growing, but budgets are not.
Where It Fits in Your Total Security Framework.
Macquarie Cloud Services are Australia’s most-recommended colocation, hybrid and private cloud provider because of our unrivaled CMND and HMC engineering service teams and their defence-in-depth security model.
Certifications like PCI are just 1 of 10 key criteria required to protect your environment. Because just part of a solution is no solution at all.
Not all PCI Support is Created Equal.
Attaining PCI certification requires over 70 ‘gates’ and over 280 criteria with a Qualified Security Assessor (QSA). We fulfil more criteria, so we leave less for you to do to attain your own certifications. Insist any prospective provider publish their certifications, and clearly break down which criteria they will not fulfil for you.