 |
| Dedicated Server Hosting |
| Low cost dedicated servers for small and individual applications |
|
| Managed Hosting |
| Solutions for clients requiring a dedicated management team and managed servers |
|
| Enterprise Hosting |
| Solutions for mid-large environments requiring a dedicated management team and high availability managed hosting |
|
  |
PCI DSS for SaaS providers
PCI DSS secure systems, services and solutions
PCI DSS Payment Card Industry Data Security Standard Systems, services and solutions
If your business stores, processes, or transmits cardholder information, you can’t be too cautious when it comes to
safeguarding that data. To that end, the Payment Card Industry (PCI) Security Standards Council has designed a
framework of tools and measurements to help ensure data security processes are in place at organizations that
handle (i.e., store, process, or transmit) sensitive cardholder information.
CCNet’s Payment Card Industry Security Services assists merchants, member institutions, and service providers to
improve information security, meet PCI requirements, and determine compliance to the PCI Data Security Standard
(DSS) requirements. CCNet is recognized as both a Qualified Security Assessor (QSA) and an Approved Scanning
Vendor (ASV) by the PCI Security Council. CCNet offers our PCI Security Services and security professionals, who
perform an objective examination of the effectiveness of your current cardholder environment and security
procedures, as a way for you to meet your organization’s security goals and PCI DSS obligations. |
| |
Independent Review by CCNet Security Experts
CCNet’s information security consultants are highly qualified experts carrying the Certified Information Systems
Security Professional (CISSP) designation. They know what to look for and focus on, and how to provide the
independent results you need. Our consultants assess and test an organization to ascertain compliance with the PCI
DSS requirements, as defined by the PCI Security Standards Council, in conjunction with the reporting stipulations of
the payment brands. Depending on the service, the tools offered can range from perimeter scanning, penetration
testing, self-administered questionnaire, or data security assessment. |
| |
Best Practices and Improved Security
CCNet examines your organization’s systems, applications, network, and data that support the critical business and
technical operations related to the cardholder environment. Based on the type of service (e.g., scanning, analysis, or
assessment), you get straight answers and strategic recommendations to align your PCI program with industry best
practices, which lead to a more mature security environment. |
| |
Timely Assistance and Enhanced Compliance
After risks and exposures are identified through an examination of systems, networks, and security management
documentation, organizations may opt for assistance from CCNet experts who specialize in security enhancement
projects and security awareness programs. With CCNet working closely at your side, solutions based on industry
best practices and regulatory requirements can be implemented by your business and technology staff. We provide a
follow-up validation that reported vulnerabilities have been effectively resolved and non-compliant PCI DSS
requirements have been satisfied. |
| |
Penetration AssessmentProvides compliance to Requirement 11.3 of the
PCI DSS
Validates the strength of systems and networks
Tests current incident response capabilities
Improves security through identification of ‘holes’
and provide remediation recommendations
Delivers a detailed matrix of prioritized
vulnerabilities, high-level root-cause analysis,
penetration paths, remediation recommendations,
strong practices, and areas for improvement |
| |
Readiness Assessment
Provides assistance to the organization in self evaluating
its PCI DSS compliance
Facilitates validation of the Self-Assessment
Questionnaire by noting strengths and
weaknesses in the cardholder data environment
Presents an assessment with gap analysis and
plan to minimize exposures
Delivers a completed Self-Assessment
Questionnaire, project list for information security
program improvement, and recommendations for
priorities and funding
|
| |
PCI Vulnerability Scanning
Provides compliance to Requirement 11.2 of the
PCI DSS
Presents a detailed vulnerability listing with risk
levels and remediation procedures
Delivers an Executive Summary Report and a
detailed Vulnerability Report in PCI-approved
electronic format with the required compliance
status, vulnerability list, and feedback
questionnaire, respectively |
| |
PCI Compliance Assessment
Provides comprehensive review and independent
onsite data security assessment per the PCI DSS
Security Audit Procedures
Evaluates the compliance state through interviews
with relevant business and technology
representatives, selects representative samples to
determine strengths and challenges to the security
of cardholder data, and tests the effectiveness of
PCI-mandated controls
Documents remediation recommendations (if
needed) that will help the organization improve the
cardholder data security posture and become
compliant with PCI DSS regulations
Delivers a comprehensive Report on Compliance
that includes an executive summary, a detailed
scope of work and approach taken, quarterly scan
results, and methodical listing of findings and
observations, leading to a final determination of
compliance status
|
|
|
MANAGED HOSTING
|
 |
Solutions and services for clients requiring high level of availability and a team of hosting professionals.
Learn more | Quote & Customize Options |
ENTERPRISE HOSTING
|
 |
Enterprise solutions for medium and large clients requiring redundant systems and highest availability SLA.
Learn more | Submit Hosting RFP |
|
