Lifeline Data Centers is proud to announce that we now have proven and verifiable PCI Compliance in the form of a PCI DSS AOC (Attestation of Compliance) and PCI DSS ROC (Report on Compliance), a vital qualification for data centers handling payment card data.
As data breaches grow into routine (and costly) occurrences, data security and compliance have evolved into indispensable business enablers.
The act of delegating data hosting or processing functions to a service provider doesn’t mean you’re any less responsible for risks or harm to the data entrusted to you.
“Security is of paramount importance, and service providers present systemic risk challenges to organizations trying to bridge their security control gaps,” says Ron Pelletier, VP and Executive Manager of Pondurance, an information security consulting company headquartered in Indianapolis, IN. “The transference of responsibility for system hosting or data processing, unfortunately, does not translate entirely to a transference of risk. This is particularly true as organizations are expected to exercise due diligence in qualifying their third party providers, and their security posture.”
It’s why verified compliance with the Payment Card Industry Digital Security Standard (PCI DSS) is a vital qualification for your chosen data center, and one we’re proud to possess.
Why PCI DSS Matters
To be clear, PCI DSS arms you with the best chance of securing cardholder data under your care. All entities handling payment card data, whether merchants, banks or service providers, are required to be compliant with the standard.
“Achieving PCI DSS is, in itself, not a small task. The larger and more difficult task is actually sustaining an effective security posture over time,” says Pelletier. “While security and compliance should not be made mutually exclusive, many organizations measure their security effectiveness through the lens of their compliance state. As compliance does not automatically mean secure, it is not unreasonable for a company to be rated as ‘compliant’ against a standard yet have vulnerabilities that invite a data breach. Having worked with Lifeline Data Centers, it is clear this is an organization that understands the difference between compliance and security, and is keen to achieve both.”
The key to compliance you can trust is the difficult task of pairing it with ongoing, effective security, as opposed to a one-time event. Lifeline understands the urgency of compliance and security working together, and we’re proud of our reputation for achieving both.