Logicalis, the international IT solutions and managed services provider, today announced that it has met a set of PCI DSS compliance standards for its multi-tenanted Infrastructure-as-a-Service platform, enabling UK customers to confidently adopt its cloud and data centre services as part of their wider PCI DSS compliance programmes.
Any organisation looking to store, process, or transmit payment card data in a cloud or data centre setting today, must clearly understand the control of the environment - the provider, the systems, services and processes - housing their data. The fully PCI compliant certification at Logicalis provides an assured foundation for businesses on the path to meeting and maintaining compliance in an increasingly complex regulatory environment. Ben Williams, chief cloud technologist at Logicalis UK, explains:
"Organisations cannot outsource the responsibility for compliance, but they can source services responsibly and find platforms and solutions that will support them in their compliance programmes and objectives. Meeting, and staying on top of, PCI regulations can be complicated and our chosen approach is to ensure we do our part in easing that complexity.
"We are not waving a magic wand for instant PCI DSS compliance, but we are assuring customers that our foundation - from all of our people to the network and systems we use, and every process in between - is a fully compliant one for them to build upon."
Logicalis worked with cyber security and risk specialists Nettitude to audit the environment against the PCI DSS requirements. Ben Densham, head of compliance at Nettitude, comments, "Nettitude worked with Logicalis over a period of time to achieve PCI compliance within its cloud solution. As part of a select group of IaaS Providers that are accredited to the standard, Logicalis is leading the way when it comes to enforcing best practice security of this kind."
"Organisations that outsource their infrastructure responsibilities can utilise this solution with a level of confidence, not only for card holder data environments but for many other areas where a high level of security is required to be maintained."