Interoute strengthens cloud offering for retail and commerce companies with PCI-DSS 3.2 compliance
Interoute, the global cloud and network provider, has announced that following an official audit of the Interoute Virtual Data Centre (VDC) service, it is now fully compliant with the Payment Card Industry Data Security Standard (PCI-DSS) 3.2 as a level 1 service provider.
Interoute VDC is global Infrastructure-as-a-Service platform with 17 locations across Europe, the USA and Asia, which features an integrated low-latency private network more than 70,000 km long. It offers simple hybrid integration with legacy IT, data centres, other clouds and containers, and full automation which means users can bring up compute, storage and networking resources with a few clicks or via API.
The PCI-DSS standard is designed to protect data that is processed, transmitted and stored during manual or electronic payment transactions. The Interoute VDC platform is now PCI-DSS 3.2 certified, with individual data centres being brought into scope on an ongoing basis in line with customer demand. The accreditation will be attested annually and ensures that Interoute’s customers can securely use its scalable cloud platform and integrated low latency, high-capacity network, to store and process credit card information.
“The PCI-DSS standard combined with Interoute VDC offers businesses that take card payments a secure, low-latency and geographically diverse cloud for supporting data residency requirements,” commented Killian Faughnan, Group CISO of Interoute. “With 13 European locations in 9 countries, as well as locations in the USA, Singapore and Hong Kong, Interoute’s cloud supports the needs of European businesses requiring a card payment assured, global platform to support their growth and expansion.”
As part of the compliance requirements, Interoute was audited by Razorthorn, an approved Qualified Security Assessor (QSA). The PCI-DSS 3.2 accreditation includes a commitment to install and maintain a firewall configuration to protect cardholder data, encrypted transmission of cardholder data across open, public networks and the ability to restrict access to cardholder data to help protect against fraud.
Companies, such as retail and commerce providers, can be assured that Interoute VDC has been thoroughly tested against the latest set of PCI compliance requirements ahead of the implementation deadline on the 1st February 2018.