OneNeck® IT Solutions has completed the Payment Card Industry (PCI) Data Security Standard (DSS) version 3.2 “Level 1” service provider validation.
The PCI Security Standards Council requires all merchants who outsource the transmission, processing or storage of payment card data to a third-party to verify the provider adheres to the standard. OneNeck proactively requested the assessment of their colocation services, undergoing close scrutiny of their top-tier data centers in Arizona, Colorado, Iowa, Minnesota, Oregon, and Wisconsin.
“This validation offers customers assurance that we have the security controls in place to protect their data,” said Dave Flynn SVP of Operations and Engineering at OneNeck. “By demonstrating we are PCI DSS compliant and audit-ready, it validates, for our customers, that we can securely host their environments in our top-tier colocation facilities. It also clearly establishes we have the ability to meet specific cloud and managed services deliverables in compliance with other PCI controls.”
The PCI DSS assessment was performed by Schellman & Company, Inc., an independent CPA firm with extensive IT service provider experience. Securing PCI DSS validation follows recent news that OneNeck in compliant with the SSAE 18 examination and HIPAA and HITECH compliance attestation.
OneNeck now turns its attention toward the new PCI regulations that took effect on January 31, 2018. “We are aggressively pursuing avenues to meet or exceed the new 2018 PCI controls testing,” Flynn stated. “In addition, we will be including the testing of PCI controls governing the logical access and configuration management of our physical access systems in the 2018 audit cycle.”