PCI Certified Service Provider

PCI DSS Compliance Solutions

Hyve was among the first to achieve Level 2 PCI Certified Service Provider status and is an active member of the PCI Security Standards Council. The PCI DSS standard provides a definitive set of requirements for merchants seeking to maintain PCI DSS compliance.

What is PCI DSS Compliance?

Payment Card Industry Data Security Standard (PCI DSS) is a collection of security processes and protocols that make sure that all companies that accept, process, store or transmit card data keep a secure environment. Our PCI solution is based on industry proven methodologies. Our GPCI and CISSP certified professionals designed this solution to meet all PCI service provider requirements. As a key element of our turnkey solution, we take a consultative approach with clients to ensure that the dual requirements of PCI DSS are clearly understood prior to implementation. We then define a clear plan for merchants to achieve and maintain PCI compliance.

Client Testimonials

The Hyve solution:

Our turnkey solution includes the following fully managed services: firewall, two-factor authenticated VPN, antivirus / anti-malware, intrusion detection, vulnerability assessment and notification, event management, file / system integrity monitoring, change control, patch management, project management, server configuration and management. Hyve’s physical security and policies and procedures meet or surpass PCI requirements and are audited annually by a Qualified Security Assessor. Clients can leverage Hyve’s Report on Compliance to fulfil on-site audit requirements.

15 Questions for your prospective PCI DSS Service Provider

  • Are you a PCI DSS certified service provider?
  • Do you provide clearly defined details of which requirements are my responsibility and which are the service provider’s?
  • Do you offer a two-factor authentication solution for my employees who require remote access to our solution?
  • Do you require your employees to use two-factor authentication when managing our solution?
  • Do you offer daily (or automated real-time) log review, and store those logs for the required one year retention period?
  • Do you protect the archived logs from modification via integrity checks and establish a verifiable chain of custody so that they may be used as forensic evidence?
  • Do you implement file and system integrity monitoring so you are alerted if any critical system settings or files are altered that result in putting our solution out of compliance?
  • Do you follow the proper four change control procedures as outlined by the PCI DSS specification (document impact and rollback procedures, receive management approval, and perform operational testing)?
  • Do you architect our solution into multiple VLANs and configure your network security devices in accordance with the PCI DSS specification?
  • Do you offer Patch Management Services to guarantee patches are applied within the required 30 days?
  • Do you have audited policies and procedures which adhere to section 12 of the PCI DSS?
  • Do you offer Intrusion Detection, Vulnerability Assessment, and Antimalware services?
  • Do you offer penetration testing?
  • Does your security staff have CISSP, CISA, CISM, GCPI, SCSA, Security+, and MSCE 2003: Security certifications?
  • Do you meet the physical security requirements including 90 days of video retention in your data centres?


View our certificate

PCI Certificate Hyve 2020

Start your journey today

Request a quotation Request a callback

Success Stories - PTA Events

Case Studies


Hyve are 100% carbon neutral. We use carbon offsetting to balance out the release of carbon dioxide from our offices and infrastructure.