CloudSigma is PCI DSS Compliant

PCI DSS Compliant Public Cloud 

CloudSigma is compliant with the requirements of the Payment Card Industry Data Security Standard (PCI DSS). PCI DSS is an information security standard for organizations that handle branded credit cards from the major card schemes. The PCI Standard is mandated by the card brands but administered by the Payment Card Industry Security Standards Council. 

The PCI DSS standard aims to increase controls around cardholder data to reduce credit card fraud. You can review the documents that outline the framework to comply with the standard here.

What Does PCI DSS Guarantee?

• The Payment Card Industry Security Standards Council has a mission to enhance global payment account data security by developing standards and supporting services that drive education, awareness and effective implementation by stakeholders.
• The PCI Data Security Standard (PCI DSS) applies to all entities that store, process, and/or transmit cardholder data. It covers technical and operational practices for system components included in or connected to environments with cardholder data.
• The validation of compliance is performed annually or quarterly by a method suited to the volume of transactions handled (self-assessment questionnaire, external qualified security assessor, or firm-specific internal security assessor).


When we talk about private correspondence and documents sent via email, data privacy is of great
significance. CloudSigma is ISO 27001-certified as well as PCI-DSS compliant, which was one of our
main considerations when choosing our logistics cloud vendor.
Leading Technologies Supplier in Global Logistics

PCI DSS Standard Characteristics & Requirements

MasterCard, American Express, Visa, JCB International, and Discover Financial Services established the PCI SSC in 2006 as an administration/governing entity that mandates the evolution and development of PCI DSS. Independent/private organizations can participate in PCI development after proper registration.

 

The PCI DSS specifies twelve requirements for compliance, organized into six logically related groups called “control objectives.”  Each version of PCI DSS has divided these requirements into a number of sub-requirements differently. Each requirement/sub-requirement is additionally elaborated into three sections.

 

All companies who are subject to PCI DSS standards must be PCI compliant. There are four levels of PCI Compliance and these are based on how much you process per year, as well as other details about the level of risk assessed by payment brands. Each card issuer maintains its own table of compliance levels.

 

CloudSigma’s Certification of Validation of PCI DSS compliance is available to download upon request.