PCI Certified Service Provider

PCI DSS Compliance Solutions

Hyve was among the first to achieve Level 2 PCI Certified Service Provider status and is an active member of the PCI Security Standards Council. The PCI DSS standard provides a definitive set of requirements for merchants seeking to maintain PCI DSS compliance.

What is PCI DSS Compliance?

Payment Card Industry Data Security Standard (PCI DSS) is a collection of security processes and protocols that make sure that all companies that accept, process, store or transmit card data keep a secure environment.

Hyve was among the first to achieve Level 2 PCI Certified Service Provider status and is an active member of the PCI Security Standards Council. The PCI DSS standard provides a definitive set of requirements for merchants seeking to maintain PCI DSS compliance.

Our PCI solution is based on industry proven methodologies. Our GPCI and CISSP certified professionals designed this solution to meet all PCI service provider requirements.

As a key element of our turnkey solution, we take a consultative approach with clients to ensure that the dual requirements of PCI DSS are clearly understood prior to implementation. We then define a clear plan for merchants to achieve and maintain PCI compliance.

Our turnkey solution includes the following fully managed services: firewall, two-factor authenticated VPN, antivirus / anti-malware, intrusion detection, vulnerability assessment and notification, event management, file / system integrity monitoring, change control, patch management, project management, server configuration and management. Hyve’s physical security and policies and procedures meet or surpass PCI requirements and are audited annually by a Qualified Security Assessor. Clients can leverage Hyve’s Report on Compliance to fulfil on-site audit requirements.

15 Questions for your prospective PCI DSS Service Provider

  • Are you a PCI DSS certified service provider?
  • Do you provide clearly defined details of which requirements are my responsibility and which are the service provider’s?
  • Do you offer a two-factor authentication solution for my employees who require remote access to our solution?
  • Do you require your employees to use two-factor authentication when managing our solution?
  • Do you offer daily (or automated real-time) log review, and store those logs for the required one year retention period?
  • Do you protect the archived logs from modification via integrity checks and establish a verifiable chain of custody so that they may be used as forensic evidence?
  • Do you implement file and system integrity monitoring so you are alerted if any critical system settings or files are altered that result in putting our solution out of compliance?
  • Do you follow the proper four change control procedures as outlined by the PCI DSS specification (document impact and rollback procedures, receive management approval, and perform operational testing)?
  • Do you architect our solution into multiple VLANs and configure your network security devices in accordance with the PCI DSS specification?
  • Do you offer Patch Management Services to guarantee patches are applied within the required 30 days?
  • Do you have audited policies and procedures which adhere to section 12 of the PCI DSS?
  • Do you offer Intrusion Detection, Vulnerability Assessment, and Antimalware services?
  • Do you offer penetration testing?
  • Does your security staff have CISSP, CISA, CISM, GCPI, SCSA, Security+, and MSCE 2003: Security certifications?
  • Do you meet the physical security requirements including 90 days of video retention in your data centres?

Configure your ultimate cloud platform today   Start Configuration

Find out why Safestore adopted Hyve as their hosting provider

Case Studies


Hyve are 100% carbon neutral. We use carbon offsetting to balance out the release of carbon dioxide from our offices and infrastructure.