The Bunker has launched its new PCI Cloud solution. Available as a multi-tenancy or single environment, The Bunker’s PCI Cloud solution has been designed to meet all 12 PCI DSS requirements, making it one of just four UK Managed Services Hosting Providers on the VISA Merchant Agent List capable of delivering full compliance with the new PCI DSS standards v3.0.
Having come into force on January 1 2015, the new PCI DSS standards v3.0 put the responsibility of compliance for all 12 key areas of PCI DSS on the business itself – regardless of whether it is working with a third-party specialist. Many Service Providers currently only have ‘Hosting Provider’ VISA status, which makes them compliant with as little as two of the 12 requirements and leaves the customer to manage the rest. This makes the enterprise more liable to regulatory fines.
“Businesses need to ascertain whether the MSP really understands that their own requirements are in sync with PCI DSS requirements and whether they have the expertise to manage and maintain environments,” warns Peregrine Newton, CEO of The Bunker. “Under the new standards, if an outsourced compliance partner does not offer all 12 of the PCI requirements, the business will be answering direct to auditors and liable to regulatory fines, which can have a grave impact on the bottom line.”
To mitigate this risk, The Bunker has wrapped its Ultra Secure Colocation and Hosting Cloud Services around IBM and Egenera software technologies to ensure customers receive a fully compliant solution and not just a PCI DSS aligned environment. Working with a VISA-approved ‘Managed Services Hosting Provider’ not only addresses all 12 PCI requirements but, by achieving compliancy, acts as a source of business advantage by introducing efficiency and streamlining many operational IT processes.
“PCI DSS is a now a business issue rather than an IT problem, with decisions around compliance being escalated from IT directly to the boardroom,” continues Newton. “With a plethora of service providers now marketing themselves as ‘fully compliant’, it puts businesses at a greater risk under the new standards because the buck stops with them should they fail to apply due diligence where MSPs are concerned. A Hosting Partner is a world away from a Managed Services Hosting Provider and not investigating the difference between the two could land businesses in hot water when it comes to PCI 3.0.”
