PCI DSS Compliance Solutions
Hyve was among the first to achieve Level 1 PCI Certified Service Provider status and is an active member of the PCI Security Standards Council. The PCI DSS standard provides a definitive set of requirements for merchants seeking to maintain PCI DSS compliance.
Our PCI solution is based on industry proven methodologies and best-of-breed service offerings. Our GPCI and CISSP certified professionals designed this solution to meet all PCI service provider requirements.
As a key element of our turnkey solution, we take a consultative approach with clients to ensure that the dual requirements of PCI DSS are clearly understood prior to implementation. We then define a clear plan for merchants to achieve and maintain PCI compliance.
Our turnkey solution includes the following fully managed services: firewall, two-factor authenticated VPN, antivirus / antimalware, intrusion detection, vulnerability assessment and notification, event management, file / system integrity monitoring, change control, patch management, project management, server configuration and management. Hyve’s physical security and policies and procedures meet or surpass PCI requirements and are audited annually by a Qualified Security Assessor. Clients can leverage Hyve’s Report on Compliance to fulfill on-site audit requirements.
15 Questions for your prospective PCI DSS Service Provider
- Are you a PCI DSS certified service provider?
- Do you provide clearly defined details of which requirements are my responsibility and which are the service provider’s?
- Do you offer a two-factor authentication solution for my employees who require remote access to our solution?
- Do you require your employees to use two-factor authentication when managing our solution?
- Do you offer daily (or automated real-time) log review, and store those logs for the required one year retention period?
- Do you protect the archived logs from modification via integrity checks and establish a verifiable chain of custody so that they may be used as forensic evidence?
- Do you implement file and system integrity monitoring so you are alerted if any critical system settings or files are altered that result in putting our solution out of compliance?
- Do you follow the proper four change control procedures as outlined by the PCI DSS specification (document impact and rollback procedures, receive management approval, and perform operational testing)?
- Do you architect our solution into multiple VLANs and configure your network security devices in accordance with the PCI DSS specification?
- Do you offer Patch Management Services to guarantee patches are applied within the required 30 days?
- Do you have audited policies and procedures which adhere to section 12 of the PCI DSS?
- Do you offer Intrusion Detection, Vulnerability Assessment, and Antimalware services?
- Do you offer penetration testing?
- Does your security staff have CISSP, CISA, CISM, GCPI, SCSA, Security+, and MSCE 2003: Security certifications?
- Do you meet the physical security requirements including 90 days of video retention in your data centres?
If you would like more information regarding our enterprise cloud hosting solutions, please complete our contact form or call us directly on 0800 612 2524.
“Customer service is great – Always feel appreciated as a client, and response times are excellent.”
“Site downtime could make us look unreliable to our customers. Hyve went above and beyond the call of duty to help us set up, one weekend we booked in migration on a Sunday, and we got everything sorted so that no-one saw any drop in e-mail or the site, and it all went over seamlessly.”
“Hyve have provided timely, professional support accompanied by clear progress updates at every stage.”
“The most important element is the fact you soon get to know the team behind the support. They inspire confidence in their abilities and knowledge of the systems they support.”
“British Airways global audience means that traffic spikes can occur at any time of the day or night. Hyve's cloud platform, combined with their always available support mean that we can sleep...”
“A very friendly and highly technical team available to extend all possible help at any time. Excellent services - all issues are dealt with appropriate priority and resolved asap. I am particularly impressed by...”
“The scalability of the cloud platform allows us to cope with high spontaneous levels of demand, and we know there are always Hyve staff available to help us handle the largest influx of traffic.”
“We're extremely happy with the service Hyve provide to us. In particular, we are incredibly impressed by the professionalism, expertise, and consistently rapid response of the support team.”
“It's reassuring to know that Hyve will take care of everything server-side so we can focus on doing what we do, building the website.”
“We've been using Hyve for over a year now for a wide range of websites, all with different requirements and issues, and we've always found Hyve amazingly fast to respond, incredibly helpful, proactive...”
“My experiences with Hyve have been very good. The response time is quick so you don't spend your time on a telephone waiting. The staff are always very efficient. Thank you all for your help and patience.”
“Since moving our servers to the Hyve infrastructure I have nothing but good things to say about the levels of service received. I find the support I receive to be of excellent quality and very timely...”
“The sales and customer service support provided by Hyve is some of the best I have seen. Support tickets are responded to swiftly. Both our FTP and SFTP services have experienced 100% uptime over the last 2 years which is very impressive. Hyve provides tremendous value for money.”