OneNeck® IT Solutions has announced the company has completed validation of their colocation services by the Payment Card Industry (PCI) Data Security Standard (DSS). OneNeck completed the PCI DSS version 3.2 “Level 1” service provider validation.
According to the PCI Security Standards Council, any merchant who outsources the transmission, processing or storage of payment card data to a third-party is required to verify the provider adheres to the standard. OneNeck proactively requests the assessment of their colocation services, undergoing close scrutiny of their top-tier data centers in Arizona, Colorado, Iowa, Minnesota, Oregon, and Wisconsin.
The standards OneNeck specifically focuses on receiving PCI DSS validation for include:
- Restricting physical access to cardholder data
- Maintaining a policy that addresses information security for all personnel
“For our customers, this validation provides additional assurance that we have the security controls in place to protect their data,” said Clint Harder, CTO and SVP at OneNeck. “Demonstrating we are PCI DSS compliant and audit-ready, especially with our diverse geographic data center locations, is critical to our customers. It shows them we can securely host their environments as well as deliver other PCI controls to meet the specific cloud and managed services we provide.”
The assessment was performed by Shellman & Company, Inc., an independent CPA firm with extensive IT service provider experience. Securing PCI DSS validation follows last week’s news that OneNeck completed the Type 2 SSAE 16 (SOC 1) and (SOC 2) examination.