The problems with PCI compliance

For some, server infrastructure is often dated, or too costly, to manage sensitive data acquisition and distribution requirements with regards to payment data or personally identifiable information. Organisations also suffer if they don’t have the tools to allow staff to comply with security policy regarding sensitive information.

This puts your organisation at risk of failing a PCI DSS audit – or worse, a data breach involving sensitive customer information. What’s more, it can be too costly to implement an MPLS network to all your data collection points (e.g. stores/roving sales representatives) regionally or globally.

PCI Compliant Data Hosting

The Maytech solution

Maytech provides PCI compliant data acquisition, PCI data storage and PCI data sharing services. Our secure transfer protocols enable safe and PCI DSS-compliant data transfer workflow support.

Using secure protocols and a platform that passes PCI penetration tests, we ensure PCI-compliant workflows and limit organisations’ PCI DSS scope. All this with the cost and reach benefits of the cloud – delivering an enterprise class information work flow.

Data is encrypted in transit using SFTP or HTTPS and at rest using AES-256 encryption. We subscribe to penetration testing and PCI Compliance scanning services from McAfee Secure. Quatrix® customers can purchase a licence for a dedicated McAfee PCI compliance scan and are therefore able to post the McAfee secure logo on the site.

Maytech is an ISO 27001 certified service provider with accredited data centres. Our ISO 27001 certification and our PCI SAQ (level D) together with Attestation of Compliance are available on request.

What are the benefits to Maytech’s PCI compliant hosting?

Using Maytech can reduce the scope of your PCI audit. You know that security controls meet PCI certification standards and your site will pass a PCI penetration test. As a PCI compliant hosting provider, we also run daily McAfee scanning for over 40,000 vulnerabilities and PCI specific vulnerabilities ensuring potential risks are identified in a timely manner.

As with all Maytech products, our PCI and SAS 70 (now SSAE 16) compliant hosting also includes an administration hierarchy which enables delegation of roles and granular access controls alongside comprehensive tracking and reporting to ensure full visibility and accountability.

The following diagram shows how our systems keep your data PCI Compliant.

Maytech PCI diagram

Our products

Secure and compliant solution for sharing sensitive data
Find out more
Quatrix China
Fast and reliable transfers for files of any size into and out of China
Find out more
Quatrix Vault
Tokenization API for secure, remote storage of PCI customer data
Find out more
Quatrix Vault
Managed cloud archive for long term storage and infrequent retrieval
Find out more

Can we help with Secure File Sharing requirements?

Secure your data transfers with Quatrix

Try it free Book demo
Matt White (CISO) on choosing Quatrix for Enterprise Security Read article