OneNeck IT Solutions, a company offering hybrid IT solutions including cloud, hosting services and ERP application management, has completed the Payment Card Industry (PCI) Data Security Standard (DSS) version 3.2 ‘Level 1’ service provider validation.
The PCI Security Standards Council requires all merchants who outsource the transmission, processing or storage of payment card data to a third-party to verify the provider adheres to the standard. OneNeck proactively requested the assessment of their colocation services, undergoing close scrutiny of their data centers in Arizona, Colorado, Iowa, Minnesota, Oregon and Wisconsin.
“This validation offers customers assurance that we have the security controls in place to protect their data,” said Dave Flynn, SVP of Operations and Engineering, OneNeck. “By demonstrating we are PCI DSS compliant and audit-ready, it validates, for our customers, that we can securely host their environments in our top-tier colocation facilities. It also clearly establishes we have the ability to meet specific cloud and managed services deliverables in compliance with other PCI controls.”
The PCI DSS assessment was performed by Schellman & Company, an independent CPA firm with extensive IT service provider experience. Securing PCI DSS validation follows recent news of OneNeck being compliant with the SSAE 18 examination and HIPAA and HITECH compliance attestation.
OneNeck would now turn their attention toward the new PCI regulations that took effect on January 31, 2018. “We are aggressively pursuing avenues to meet or exceed the new 2018 PCI controls testing,” added Mr. Flynn. “In addition, we will be including the testing of PCI controls governing the logical access and configuration management of our physical access systems in the 2018 audit cycle.”