February 1, 2017
New designation guarantees optimal security, privacy and availability for customers
Markham, Ont. – January 31, 2017 – Pathway Communications today announced that the company has successfully completed the requirements for Payment Card Industry Data Security Standard compliance. PCI DSS is a global financial information security standard intended to keep debit and credit card holders safe from online security breaches. It ensures that any company processing credit card transactions or storing transaction data adheres to the highest technical standards. The PCI DSS certification extends Pathways’ already robust data security and privacy services to the company’s diverse and dedicated customer base.
Pathway’s Tier 3 data centre houses some of the largest organizations in Canada. As part of an ongoing commitment to provide the most reliable and secure IT solutions to our clients, Pathway Communications engaged an independent auditing firm to assess the data centre and private cloud infrastructure for PCI DSS compliance. The result was not only a pass, but the audit discovered that the existing security processes required almost no change to obtain the PCI DSS 3.1 certification.
All of Pathway’s Data Centre services including Private Cloud are now fully PCI DSS 3.1 certified.
“What this means for all our clients is additional assurance of data security and processes that have been tested against, and passed, the strict requirements set out by the payment card industry. Your data is secured, always private and access is strictly controlled.” says David Polt, Marketing Manager of Pathway Communications. “The addition of PCI to our list of certifications makes Pathway Communications one the most certified and secured facility in North America” PCI DSS certification benefits all organizations, even when not processing transactions. Here’s a high-level overview of what a PCI DSS audit covers and certifies that Pathway’s Data Centre meets or exceeds the standard: Build and Maintain a Secure Network and Systems- Install and maintain a firewall configuration to protect cardholder data
- Do not use vendor-supplied defaults for system passwords and other security parameters
- Protect stored cardholder data
- Encrypt transmission of cardholder data across open, public networks
- Protect all systems against malware and regularly update anti-virus software or programs
- Develop and maintain secure systems and applications
- Restrict access to cardholder data by business need to know
- Identify and authenticate access to system components
- Restrict physical access to cardholder data
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes
- Maintain a policy that addresses information security for all personnel