PCI-DSS Compliance

PCI-DSS Compliance

Vocus
Nextgen
megaport
Dell
VMware
Vocus
Nextgen
Megaport
Dell
VMware

Entity Data is a PCI-DSS Level 2 Service Provider

Entity Data is a PCI-DSS Level 2 Service Provider

The Payment Card Industry Data Security Standard (PCI-DSS) is an information security standard administered by the PCI Security Standards Council, which was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc.


PCI-DSS applies to all businesses that store, process or transmit cardholder data and/or sensitive authentication data including merchants, processors, acquirers, issuers, and service providers. The PCI-DSS is mandated by the card brands and administered by the Payment Card Industry Security Standards Council.


Entity Data can work with clients to assess, implement and manage a secure hosted environment to help meet the requirements of PCI-DSS Compliance. Please check our Frequently Asked Questions section below and/or contact a sales specialist to discuss.

PCI-DSS Requirements

Your hosted environment must enforce the following 12 requirements from the PCI-DSS standard.

PCI ControlEntity Data’s Solution
Install and maintain a firewall configuration
to protect cardholder data
Entity Data’s Firewalling solution powered by Check Point® provides high-performance enterprise-grade
protection for your hosted environment. Firewall solutions are fully managed and monitored around
the clock by our security engineers.
Learn More
Do not use vendor-supplied defaults for
system passwords and other security
parameters
Entity Data’s Intrusion prevention and vulnerability assessment services are powered by Check Point®
and Alert Logic®, working together to provide advanced pro-active protection against internal and
external threats.
Learn More
Protect stored cardholder dataNot applicable – You must implement this requirement.
Encrypt transmission of cardholder data
across open, public networks
Entity Data offers a wide range of SSL Certificates from Geotrust, Comodo and Symantec to address this
requirement. Extended Validation (EV), Organisation Validated (OV) and Domain Validated (DV)
SSL Certificates are available.
Learn More
Use and regularly update anti-virus software
or programs
Entity Data’s fully managed anti-virus solution powered by AVG® provides powerful protection for your
servers against Viruses, Trojans, Spyware, Ransomware and other Malware.
Develop and maintain secure systems and
applications
Entity Data’s Web Application Firewall (WAF) powered by Citrix® Netscaler™ AppFirewall™ provides
an advanced layer of protection for your hosted websites and web applications. WAFs are designed to
inspect all traffic and mitigate attacks without slowing down web application performance.
Learn More
Restrict access to cardholder data on a
need-to-know basis
Entity Data will work with you to create a user registration document prior to the creation of user
accounts and token allocation. This document must be maintained throughout the lifecycle of the
hosted environment.
Assign a unique ID to each person with
computer access
Entity Data’s Multi-factor authentication solution is powered by RSA SecurID® Suite, providing strong
access management, identity governance, and user lifecycle solutions to strengthen security and
ensure compliance.
Learn More
Restrict physical access to cardholder dataEntity Data’s data centres meet Tier-2 world class standards and address all the requirements of
physical security with regard to PCI-DSS compliance.
Learn More
Track and monitor all access to network
resources and cardholder data
Entity Data’s Multi-factor authentication solution is powered by RSA SecurID® Suite, providing strong
access management, identity governance, and user lifecycle solutions to strengthen security and
ensure compliance.
Learn More
Regularly test security systems and processEntity Data’s Intrusion prevention and vulnerability assessment services are powered by Check Point®
and Alert Logic®, working together to provide advanced pro-active protection against internal and
external threats.
Learn More
Maintain a policy that addresses information
security for all personnel
Not applicable – You must implement this requirement.

PCI-DSS Requirements

Your hosted environment must enforce the following 12 requirements from the PCI-DSS standard.

Frequently Asked Questions

More Questions? Call us on 1300 551 084 or Contact Us

More Questions?
Call us on 1300 551 084 or Contact Us