(WEB HOST INDUSTRY REVIEW) — Next-generation data center and network access point Phoenix NAP (www.phoenixnap.com) has become a PCI DSS validated services provider, enabling data center clients to leverage Phoenix NAP’s many physical security systems to protect their data and equipment, while meeting a portion of the Payment Card Industry Data Security Standard.
Late last week, Phoenix NAP announced it had passed an independent PCI DSS audit performed by Coalfire Systems (www.coalfiresystems.com). PCI DSS is a widely accepted set of both physical and electronic security mandates designed to protect cardholder data and online consumer transactions. Compliance requires any business that accepts, stores, or transmits credit card payments or electronic funds to be in compliance.
“One result of the increasingly data-driven business climate is an uptick in consumer protection measures,” Phoenix NAP president Ian McClarty said in a statement. “The recognition of our data center as a PCI DSS validated services provider can help clients meet the physical security portion of their PCI audits, and also help them meet portions of other industry-specific regulations such as SOX, HIPAA, or GLBA.”
A number of physical and procedural security systems of Phoenix NAP were acknowledged and validated in the compliance report, including the data center’s two mantraps, visitor sign-in process, and the several access control measures in place throughout the facility. Earlier this year, Phoenix NAP launched Phoenix NAP Interactive, which provides a virtual tour showcasing the layout, design, and operational features of the data center including its fiber trenches, mechanical and electrical distribution equipment, security systems, and room layouts.
“The PCI validation notwithstanding, a major operational focus for us is our overall facility security,” McClarty added. “The systems we have in place ensure we have accountability for everyone in our data center at all times.”
Phoenix NAP is listed on VISA’s Global List of PCI DSS Validated Service Providers, and is also a SAS 70 Type I certified facility.
