To combat identity theft and breaches of sensitive data, the major credit card companies jointly created the Payment Card Industry Data Security Standard (PCI DSS). This standard applies to the security practices of merchants, processors, and point-of-sale providers handling and storing sensitive account information.
Organizations processing credit cards and storing credit card information are responsible for establishing, testing, and maintaining security practices that keep sensitive data safe. Credit card issuers and financial institutions can enforce PCI DSS compliance by imposing fines of up to $500,000 per incident and terminating your credit card processing services.
Credit card data backup may be a critical daily activity for your organization. Online backup services satisfy the need to store your data offsite in case of fire, flood or theft. Remote Data Backups has been protecting thousands of satisfied clients for over a decade, and our data centers are certified as PCI compliant.
Compliance with PCI Security Standards
Here are the PCI DSS data security regulations relevant to data backup services, and how Remote Data Backups helps you comply with each:
- #3: Protect stored cardholder data
Data is more secure with Remote Data Backups than stored locally on a network, or on portable media such as tape, DVD, USB, external drive, etc., that can be lost, stolen or damaged.
- #4: Encrypt transmission of cardholder data across open, public networks
Remote Data Backups encrypts data using bank-level AES encryption before it leaves your computer, in transit, and while stored at our two mirrored data centers using Secure Sockets Layer (SSL) technology.
- #7: Restrict access to cardholder data by business need-to-know
The private encryption key is created by the end user. Data that is backed up to our system can’t be accessed without the encryption key. Keys can be changed within the backup agent using the existing key.
- #9: Restrict physical access to cardholder data
Our private underground data centers feature the tightest physical and technical safeguards to prevent unauthorized access. Both feature Level 4 Security, hardened facilities with limited administrative access, finger scanners for physical access, motion detectors and camera tracking.
- #10: Track & monitor all access to network resources & cardholder data
Our backup agent includes detailed logs of all account activity. All failed account access attempts are logged and reviewed at the data center to prevent unauthorized access.
- #11: Regularly test security systems and processes
Clients can run test restores at any time to ensure the integrity and retrievability of their data. Each server platform has failover and redundancy, continuous server monitoring and performance tuning, ensuring that storage capacity is never exceeded.
- #12: Maintain a policy that addresses information security
A data backup and recovery plan is an essential component of a PCI DSS information security plan, which Remote Data Backups can provide you at no additional charge. The plan outlines the steps to ensure your data is securely, reliably and regularly backed up offsite, and that your data is readily available in the event you have a system failure or other form of data loss.