Our cloud has been successfully certified for compliance with PCI DSS 3.2.1. Compliance with the international standard was confirmed by the results of the annual QSA audit conducted by Compliance Control Ltd.
We’ll explain why this certificate is important, and what it guarantees to our customers.
What is PCI DSS?
PCI DSS (Payment Card Industry Data Security Standard) is a data security standard in the payment card industry. Developed by the Payment Card Industry Security Standards Council (PCI SSC), which was founded by international payment companies Visa, MasterCard, American Express, JCB, and Discover.
The standard establishes security requirements for organizations that store, process, and transmit cardholder data.
To become certified, a company needs to meet numerous criteria:
- A secure computer network.
- Anti-virus and physical protection of the infrastructure.
- Control of its security.
- Certain configuration of infrastructure components.
- Protection of stored and transmitted cardholder data.
- Information security management.
- Development and support of IT systems.
- Authentication mechanisms.
- Event logging.
- Controlled access to cardholder data.
Simply put, in order to obtain this certificate, a company that works with payment data must securely store and transmit it, monitor who can access this data and how, and ensure the security of its infrastructure overall. The system must be constantly tested, checked for vulnerabilities, and improved.
Any organization that stores, processes, or transmits payment information must have a PCI DSS certificate. With it, the company proves that the data in its systems is really protected and no one can obtain unauthorized access to it.
Why clouds need PCI DSS
Companies use cloud services to process and store the payment data of their customers around the world. This means that clouds must comply with international security requirements.
The fact that our cloud has been certified means that it can now handle banking transactions. Financial organizations, online stores, online services, and other companies whose services can be paid for by card can use our cloud to work with payment data.
But, this is also great news for those outside the financial sector. The PCI DSS certificate indicates a high level of service security. This means you can trust us with any data. We guarantee its protection, as proven by the certificate.
“The cloud infrastructure of Gcore is represented on all continents. The company’s public cloud clusters operate in Luxembourg, Ashburn, and Singapore. In 2021, we also plan to connect Frankfurt, Sydney, and São Paulo. We pay great attention to protecting our infrastructure at every point of presence, and obtaining PCI DSS certification means international recognition of the quality of our cloud’s IT security.”
Gcore Cloud Platform Department Head
Vsevolod Vayner
In addition, Intel SGX support was recently added to Gcore Cloud. This allows us to isolate private areas of code and data to provide them with reliable protection against disclosure or modification.
Test our cloud for a powerful, easy-to-use, yet reliable infrastructure for computing and growing your business.
Or, get a free consultation in order to more accurately choose a solution for your specific tasks.