Mako Networks, a cloud-based network management and security company, has been certified for a third consecutive year as compliant with the Payment Card Industry Data Security Standards (PCI DSS).
Mako was the first network management company in the world to pass the rigorous audit process in 2010, and today continues its market leadership as a Level 1 service provider - the highest security clearance attainable for protecting credit card data.
"The heart of our business is protecting customer data, in its many forms and wherever it resides in the network," said Bill Farmer, CEO of Mako Networks. "Our annual PCI DSS audit is an intensive process, but one we look forward to each year as it reaffirms confidence in our company and solutions as among the world's elite in protecting cardholder data."
In order to maintain its compliance status, each year Mako must undergo thorough analysis from an external auditor to ensure its business, processes and documentation meet the more than 200 requirements of the PCI DSS. The audit evaluates physical site security, integrity of business processes, completeness of documentation and even involves interviews with key staff regarding security practices.
The audit culminates in an annual worldwide Report on Compliance (RoC), issued for 2012 by Verizon Business.
The new RoC attests to the overall security of Mako's solutions, including a cloud-based Central Management System, and network appliances installed at customer locations. Merchants that use the Mako System to protect their payment card data can apply the Mako RoC in their own annual audits, drastically reducing the scope and number of technical questions they're required to complete.
Any business that processes, stores or transmits credit card data is required to meet the PCI DSS on an annual basis, either by self-assessment for smaller businesses, or by independent audit from a Qualified Security Assessor.
"We've done the hard work so merchants don't have to," said Bill. "Since Mako is independently PCI DSS-certified, any merchant deploying our system can apply our certification to simplify the network management sections of their own annual audit process. For the difficult technical aspects of network compliance, this will come as particularly welcome relief."