Lifeline Data Centers is proud to announce that we now have proven and verifiable PCI Compliance in the form of a PCI DSS AOC (Attestation of Compliance) and PCI DSS ROC (Report on Compliance), a vital qualification for data centers handling payment card data.
As data breaches grow into routine (and costly) occurrences, data security and compliance have evolved into indispensable business enablers.
The act of delegating data hosting or processing functions to a service provider doesn’t mean you’re any less responsible for risks or harm to the data entrusted to you.
“Security is of paramount importance, and service providers present systemic risk challenges to organizations trying to bridge their security control gaps,” says Ron Pelletier, VP and Executive Manager of Pondurance, an information security consulting company headquartered in Indianapolis, IN. “The transference of responsibility for system hosting or data processing, unfortunately, does not translate entirely to a transference of risk. This is particularly true as organizations are expected to exercise due diligence in qualifying their third party providers, and their security posture.”
It’s why verified compliance with the Payment Card Industry Digital Security Standard (PCI DSS) is a vital qualification for your chosen data center, and one we’re proud to possess.
Why PCI DSS Matters
To be clear, PCI DSS arms you with the best chance of securing cardholder data under your care. All entities handling payment card data, whether merchants, banks or service providers, are required to be compliant with the standard.
“Achieving PCI DSS is, in itself, not a small task. The larger and more difficult task is actually sustaining an effective security posture over time,” says Pelletier. “While security and compliance should not be made mutually exclusive, many organizations measure their security effectiveness through the lens of their compliance state. As compliance does not automatically mean secure, it is not unreasonable for a company to be rated as ‘compliant’ against a standard yet have vulnerabilities that invite a data breach. Having worked with Lifeline Data Centers, it is clear this is an organization that understands the difference between compliance and security, and is keen to achieve both.”
The key to compliance you can trust is the difficult task of pairing it with ongoing, effective security, as opposed to a one-time event. Lifeline understands the urgency of compliance and security working together, and we’re proud of our reputation for achieving both.
Lifeline’s PCI DSS Compliance at a Glance
- Required for all entities handling payment card data.
- Vital qualification for your chosen data center.
- Requires ongoing monitoring, assessments, and proactive remediation of vulnerabilities.
- Lifeline’s PCI DSS compliance was verified by third-party auditor Pondurance.
- Need clarification on anything? Contact us. We’re glad to help.
Pondurance Highlight: Lifeline’s Third-Party PCI DSS Auditor
PCI DSS requires ongoing monitoring, assessments, and proactive remediation of vulnerabilities — all validated by a reputable, third-party auditor. Pondurance served as that unbiased auditor, verifying Lifeline’s PCI compliance.
Pondurance is among the elite security services providers with six quality security assessors (QSAs) on staff, making them one of the largest Indiana-based providers of PCI services. The company has leveraged open-source technologies that provide a scalable and secure approach to their clients in the form of tools and solutions. The development of their threat management solution, Network Security Monitoring (NSM), continues to grow and Pondurance continues to gain market share and annuity-based revenue, all while openly competing with some of the largest commercial tools available.
As a reputable authority in the security testing and governance space within the state of Indiana, Pondurance is leveraging its relationships in its pursuit to dominate market share in the managed security space, and to replicate that success nationwide.
We thank Pondurance for their synergistic partnership with Lifeline Data Centers and wish them continued success in the security, continuity, and compliance fields.