PCI Compliant Cloud

Secure Cloud Hosting and Compliance for Ecommerce and Financial Platforms, Applications and Data. Partner with WHOA.com’s Compliance experts to maximize your efforts.

Following PCI Security Standards Is Just Good Business.

WHOA.com offers a Fully Managed PCI Compliant Cloud and has gone through the rigorous process of obtaining and maintaining PCI DSS 3.2 compliance so that our customers feel confident in meeting their own compliance requirements. For each and every requirement, WHOA.com has solutions that we will tailor to our customer’s needs to meet and achieve their own compliance.

The Payment Card Industry Data Security Standards (PCI DSS) is a set of 6 Security areas comprised of 12 requirements designed to make sure that merchants that accept, process, store or transmit credit card date maintain a highly secure computing environment. These standards were developed jointly by Visa, MasterCard, JCB International, Discover and American Express to prevent consumer credit card data theft and reduce online fraud.

Compliance and validation of compliance with the 12 requirements is mandatory for any organization that stores, transmits or processes credit card transactions. If a merchant has a breach and they are found to be out of compliance, the fines can be extremely heavy and in many cases the business cannot recover.

Since we have met the criteria ourselves, we are extremely transparent with our customers and will advise and prescribe solutions accordingly to EVERY one of the following PCI DSS requirements:

WHOA.com PCI COMPLIANT CLOUD FEATURES


Our quick reference guide maps your PCI DSS Requirements to our secure cloud solutions, representing common sense steps that mirror security best practices.
DENOTES ITEMS THAT ARE STANDARD FEATURES OF THE WHOA.com PCI COMPLIANT CLOUD SOLUTIONS

BUILD AND MAINTAIN A SECURE NETWORK

Install & maintain a firewall configuration to protect cardholder data.
Do not use vendor-supplied defaults for system passwords & other security parameters.

Managed Firewall

Perimeter Firewall

VXLAN

System Policies

Hardened OS

PROTECT CARDHOLDER DATA

Protect stored cardholder data.
Encrypt transmission of cardholder data across open, public networks

Encrypted Storage

Encrypted Backups

VPN

VULNERABILITY MANAGEMENT PROGRAM

Use and regularly update anti-virus software or programs.
Develop and maintain secure systems and applications.

Anti Virus

IDS and IPS

Threat Manager

Penetration Tests

Vulnerability Scans

Web Application Firewall

IMPLEMENT STRONG ACCESS CONTROLS

Restrict access to cardholder data by business.
Assign a unique ID to each person with computer access.
Restrict physical access to cardholder data.

Password Management

Security Training

Tier IV Datacenters

Data Chain of Custody

REGULARLY MONITOR AND TEST NETWORKS

Track & monitor all access to network resources & cardholder data.
Regularly test security systems & processes.

Log Management

Fire Integrity Monitoring

Vulnberability Scans

Penetration Tests

IDS and IPS

Threat Manager

MAINTAIN AN INFORMATION SECURITY POLICY

Maintain a policy that addresses information security for all personnel.

Incident Response

Security Training

Business Continuity

Disaster Recovery

PCI-3Dcloud

PCI Compliant Hosting Solutions

To Learn more about WHOA.com’s Fully Managed PCI Compliant Cloud Solutions, call us at 877-700-WHOA or complete the form to request a free consultation.