PCI Compliant Dedicated Hosting
PCI compliant dedicated servers are a good fit for larger small to medium size businesses. A dedicated server gives you more resources, such as CPU and RAM, so it can handle higher-traffic sites, especially during peak times. The setup can also be scaled by load balancing across multiple web and/or database servers. Running multiple servers also allows for a failover option, providing a higher-availability environment.
The proper way to build a PCI compliant dedicated server setup is to have at least 2 servers, with one behind a firewall and on a private IP address with no access to or from the Internet. By blocking access from the Internet, you ensure no one can directly hack in and steal your credit card database, which should be encrypted of course. And by blocking access to the Internet, you ensure that no credit card data leaves that server and travels across the Internet. That could happen, for example, if you accidentally copied the data to another server over an insecure protocol, or if the server was somehow infected with a bot that allowed a hacker to have your server send information out to him.
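One way to check that the second server really sits on a private address with no route out, shown as an added example rather than code from this page or from any hosting provider. It parses the output of `ip -o addr show` and `ip route show`; the sample outputs, addresses and function names are constructed, and it assumes isolation is reflected in the host's own addressing and routing (a default route that points at a firewall which blocks egress would still be reported for review).

```python
import ipaddress

# Ranges this check treats as not Internet-routable (RFC 1918, loopback,
# IPv6 unique-local and link-local). Any other address is reported.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "fc00::/7", "fe80::/10", "::1/128")]

# Constructed samples of `ip -o addr show` and `ip route show` output.
GOOD_ADDR = """1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 10.20.0.12/24 brd 10.20.0.255 scope global eth0
2: eth0    inet6 fe80::5054:ff:fe12:3456/64 scope link"""
GOOD_ROUTE = "10.20.0.0/24 dev eth0 proto kernel scope link src 10.20.0.12"
BAD_ADDR = GOOD_ADDR + "\n3: eth1    inet 203.0.113.7/24 scope global eth1"
BAD_ROUTE = GOOD_ROUTE + "\ndefault via 203.0.113.1 dev eth1"

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip.version == n.version and ip in n for n in INTERNAL_NETS)

def exposed_addresses(ip_addr_output):
    """(interface, address) pairs that fall outside INTERNAL_NETS."""
    found = []
    for line in ip_addr_output.splitlines():
        fields = line.split()
        for i, field in enumerate(fields[:-1]):
            if field in ("inet", "inet6"):
                addr = fields[i + 1].split("/")[0]
                if not is_internal(addr):
                    found.append((fields[1], addr))
    return found

def default_routes(ip_route_output):
    """Route lines that give the host a path beyond its own subnet."""
    return [line.strip() for line in ip_route_output.splitlines()
            if line.split()[:1] in (["default"], ["0.0.0.0/0"], ["::/0"])]

def audit(ip_addr_output, ip_route_output):
    findings = [f"non-private address {a} on {dev}"
                for dev, a in exposed_addresses(ip_addr_output)]
    findings += [f"default route present: {r}"
                 for r in default_routes(ip_route_output)]
    return findings

if __name__ == "__main__":
    for name, a, r in (("good", GOOD_ADDR, GOOD_ROUTE), ("bad", BAD_ADDR, BAD_ROUTE)):
        print(name, audit(a, r) or "no findings")
```

An empty findings list for the database server is the expected result; the firewall rules in front of it still need their own review.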
Some features to look for when selecting a provider for your PCI Dedicated Server are:
- Daily PCI Scanning from an ASV (Approved Scanning Vendor)
- 2nd Database Server located on a private network
- PCI Approved Hardware Firewall, such as the Cisco ASA stateful firewall
- Offsite Backups that can be readily available in the event of a disaster
- Free Security Updates including regular updating of the Linux kernel and other packages
- Daily Log Review to help identify potential hackers before they strike
- Hardening of the OS, such as Penguin's 17 Point Security & Hardening Process
- Premium and Redundant backbone providers, and a two-tier backup power system (part of security is availability; you need your site up for customers to get to 24x7)
If you don't understand all the PCI requirements, don't worry! That is what the host is for, and once you find a good host, they will help you along every step of the way, from getting started, which is the hardest part, to continually helping you patch and keep your server secure. They will also set up regular scanning by a PCI certified approved scanning vendor.
A full list of PCI ASVs can be found here:
PCI Approved Scanning Vendors
At Penguin Web Hosting we have a partnership with a few ASVs that do the scanning for our clients. This helps by providing a 3rd eye on security and ensuring we are doing everything right to keep your site and business secure!
Before selecting a payment card industry compliant host, you should do a PCI DSS overview so you have an idea of what they will be doing, and what areas you need the most assistance in. Penguin Web Hosting, a leading provider of dedicated servers that meet PCI compliance, has security certified personnel available to answer any questions you have, and offers PCI consulting on any areas you are unsure of.