The Bunker achieves PCI DSS Compliance
Kent, UK, 29 September 2009 (AllPayNews.com) - The Bunker Secure Hosting Ltd (www.thebunker.net), a leading provider of Ultra Secure Data Centres and Managed Services on a range of technologies, today announces it has achieved Payment Card Industry (PCI) Data Security Standard (DSS) compliance, the internationally-recognised industry standard for payment account data security.
PCI DSS is viewed by the payment card industry as the de facto security requirement for organisations that store, process or transmit cardholder details. The Bunker’s PCI DSS accreditation will help customers meet their own requirements when working towards PCI DSS compliance.
The PCI DSS is a multifaceted security standard that requires applicants to demonstrate competencies across a range of disciplines including security management, policies, procedures, network architecture and software design.
The core elements of PCI DSS are as follows:
- Build and maintain a secure network
- Protect Cardholder Data
- Maintain a Vulnerability Management Programme
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy
To achieve PCI DSS accreditation The Bunker worked with Visa and MasterCard approved security assessor ESCS Ltd. As a result of achieving PCI DSS compliancy, customers of The Bunker that store credit card details, transaction data and customer information are assured that their data centre facility complies with stringent security standards outlined by payment card issuers. Additionally, customers hosting with The Bunker are exempt from requiring their own Data Centre PCI DSS accreditation.
“Achieving PCI DSS compliance demonstrates to our customers, suppliers, staff and investors that our data centres meet the most stringent of security requirements,” commented Peregrine Newton, CEO, The Bunker. “The continued expansion of e-commerce has seen a rapid rise in online card transactions and it is important that our customers are confident that The Bunker reaches and surpasses the highest industry standards in protecting cardholder data. The Bunker is already ISO 27001 accredited; by becoming PCI DSS compliant we continue to support our customers high security demands and free them to focus on their core business.”
For further information, please contact:
+ 44 (0)20 8971 6429
About The Bunker
The Bunker delivers secure managed hosting and data centre solutions from within Europe’s most secure data centre.
Our Data Centres, which are outside the M25 yet within easy reach of London, are ex-military Nuclear Bunkers purpose built to house the UK's air defence systems. We run 24/7/365 and our NOC monitors systems both nationally and internationally and is staffed around the clock by system and network engineers and security staff.
Our technical leaders are recognised experts in security and cryptography, renowned for their work on Apache-SSL. The Bunker is ISO 27001 accredited and we are a Microsoft Gold Partner. We use Open Source software where appropriate as we believe it can offer great benefits in security, stability and cost effectiveness. Through our in house networks team and via close working relationships with a number of selected network providers, we deliver a multi-homed, no single point of failure transit network between our sites and the Internet.
The Bunker works with over 150 clients, large and small. Our clients are Financial Services Organisations, Technology companies, local government and other regulated businesses that value a premium service built around security.
Our service is proactive, high quality, sometimes innovative, but always practical, responsive and secure. We never forget the enormous trust our clients vest in us. As an organisation we understand that our success relies upon our reputation and our reputation is earned by continuing to fulfil this trust and afford peace of mind.
The Bunker Protocol™
All Bunker-based applications are protected by The Bunker Protocol™, our proprietary, Ultra Secure process framework that includes:
§ Military-Grade Data Centres – in our underground bunker outside the M25 in Kent and our mirror facility in Newbury, both protected by integrated processes for physical, digital and human security
§ Hardened Source™ – Our unique combination of open source and proprietary technologies built and integrated in-house from the source code up
§ Tierless Support™ – no ‘first tier helpdesk’; tierless support – direct 24/7 access to qualified hands-on support teams
About ESCS (www.ecsc.co.uk)
Established in 2000, as vendor independent information security specialists, we have grown rapidly to offer a wide range of solutions and services, each designed and proven to help you improve your information security.
Our key milestones and current credentials include:
· Ongoing management of the ECSC Secure Platform Linux distribution, the technology at the heart of many of our managed security solutions.
· Certification of our whole operation to BS 7799 in 2003, moving to ISO 27001 in 2006 within one month of its release.
· Part of the committee writing the BS 7799-3 (ISO 27005) risk management standard.
· ISO 9001 certification covering our consulting and security management systems.
· ISO 20000 certification covering our managed security services.
· Payment Card Industry (PCI) Qualified Security Assessor (QSA) accreditation.
· CLAS registered consultancy with CESG (part of GCHQ Cheltenham).
· We have a number of IRQA qualified lead auditors (ISO 27001), all our consultants are Certified Information Security Systems Professionals (CISSP), and security testers are Certified Ethical Hackers (CEH)