Pathway Communications Achieves PCI DSS Certification
New designation guarantees optimal security, privacy and availability for customers
Markham, Ont. – January 31, 2017 – Pathway Communications today announced that the company has successfully completed the requirements for Payment Card Industry Data Security Standard compliance. PCI DSS is a global financial information security standard intended to keep debit and credit card holders safe from online security breaches. It ensures that any company processing credit card transactions or storing transaction data adheres to the highest technical standards. The PCI DSS certification extends Pathways’ already robust data security and privacy services to the company’s diverse and dedicated customer base.
Pathway’s Tier 3 data centre houses some of the largest organizations in Canada. As part of an ongoing commitment to provide the most reliable and secure IT solutions to our clients, Pathway Communications engaged an independent auditing firm to assess the data centre and private cloud infrastructure for PCI DSS compliance. The result was not only a pass, but the audit discovered that the existing security processes required almost no change to obtain the PCI DSS 3.1 certification.
All of Pathway’s Data Centre services including Private Cloud are now fully PCI DSS 3.1 certified.
“What this means for all our clients is additional assurance of data security and processes that have been tested against, and passed, the strict requirements set out by the payment card industry. Your data is secured, always private and access is strictly controlled.” says David Polt, Marketing Manager of Pathway Communications. “The addition of PCI to our list of certifications makes Pathway Communications one the most certified and secured facility in North America”
PCI DSS certification benefits all organizations, even when not processing transactions. Here’s a high-level overview of what a PCI DSS audit covers and certifies that Pathway’s Data Centre meets or exceeds the standard:
Build and Maintain a Secure Network and Systems
- Install and maintain a firewall configuration to protect cardholder data
- Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
- Protect stored cardholder data
- Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
- Protect all systems against malware and regularly update anti-virus software or programs
- Develop and maintain secure systems and applications
Implement Strong Access Control Measures
- Restrict access to cardholder data by business need to know
- Identify and authenticate access to system components
- Restrict physical access to cardholder data
Regularly Monitor and Test Networks
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes
Maintain an Information Security Policy
- Maintain a policy that addresses information security for all personnel
The PCI DSS guidelines put in place stringent requirements and testing procedures to ensure that appropriate precautions are taken to keep the customer data safe no matter where it is stored or transmitted. If your organization values data security and privacy, look for the PCI DSS certified seal. Clients/interested parties who would like to see Pathway’s PCI DSS AOC report should contact sales@pathcom.com