Compliance

PCI DSS


Almost any business, both big and small, with some form of an online storefront needs to process credit card transactions and process or store credit card data even if they don't operate primarily as a retailer or wholesaler. Virtustream recognizes the need to ensure you secure credit card processing to protect sensitive card holder data. To this end, Virtustream maintains a compliance program for the Payment Card Industry Data Security Standard (PCI DSS) to ensure that the controls which Virtustream operates relative to its service are adequate to allow a customer to achieve PCI DSS compliance. Under PCI DSS, Virtustream is a service provider and provides an Attestation of Compliance (AOC) to customers from an independent third-party Qualified Security Assessor (QSA) firm.

Virtustream cloud services subject to the PCI DSS compliance include:

  • Virtustream Enterprise Cloud
  • Virtustream Storage Cloud

Region: Global

About PCI DSS

Payment Card Industry Data Security Standard (PCI DSS) is a globally recognized security standard that requires credit cardholder data to be hosted securely with a PCI-compliant hosting provider in order to process customer transactions. It applies to organizations of any size that accept credit card payments, and store, process, and transmit cardholder data, including online storefronts and retailers. PCI DSS is mandated by the credit card companies and administered by the Payment Card Industry Security Standards Council.