Cart is empty More

Data center users 'need to keep private data separate'

08/08/2012 | Data centers |

Data center users 'need to keep private data separate'

Keeping close control over where cardholder data is kept will be an essential step for any firms looking to become PCI compliant. It was noted by Dark Reading that although the 12 key requirements and 221 subrequirements for PCI certification have been in place for over six years, many businesses are still struggling to comply despite exhaustive training and the threat of financial penalties.

According to figures from Verizon's 2011 Payment Card Industry Compliance Report, just one in five companies met every one of the must-pass requirements during their first attempt at validation last year, leaving 79 per cent of firms to go through further remediation. The publication observed one common reason for failing a PCI audit is a lack of control over where cardholder data is stored. It was noted by Sushila Nair, security specialist with BT Global Services, that the era of cheap storage has led to many difficulties for companies.

She said it is a significant challenge for firms to understand where the perimeter of their secure network is, as this is changing all the time. As a result, it is common for confidential data to leak into parts of a system where it should not be. John Nicholson, an attorney who specialises in IT compliance issues, told Dark Reading that another problem is companies do not understand how much data they are required to keep, which results in them storing more information than necessary "simply because they always have". "I've seen clients retain data because they believe - usually incorrectly - that they need the data for audit purposes or other legal or regulatory purposes," he said. "They confuse the need to retain transaction history with the need to retain the cardholder data itself."

Other common issues highlighted by Dark Reading include an over-reliance on technological solutions to manage their data, which can result in overlooking the need for string processes and staff training. Bob Russo, general manager of the PCI security Standards Council, explained advanced technologies are not useful unless a firm has well-trained staff to install and manage it correctly.

Find out more on how to maintain a dedicated server at

Here are 4 out of 12 reasons why you should choose

99,9% uptime

High availability of servers are extremely important to our customers, thus we take uptime seriously. We offer 99,9% uptime on all our dedicated servers and third party monitoring to prove it. Moreover, we have a completely redundant network and we can execute network maintenance without any packet loss on your end.

No contracts requires no contracts because we are confident that you will enjoy our flexible, fast and high performance servers which are completely dedicated to your needs. Hence, we have no obligations; you can cancel your dedicated server simply by not renewing it. This means your server will automatically expire on its expiry date. We only want you to stay because you are satisfied, not because a contract requires you to.

Native IPv6

IPv4 addresses are running out very quickly and preparing for native IPv6 is essential. We offer native IPv6 with all our servers by default, complete with reverse DNS. This means that our entire infrastructure is IPv6 supported. Dedicated servers with native IPv6 are truly future proof. We enable you to use your native IPv6 addresses instantly after your server activation.

Custom built servers

We are committed to meet the changing hosting needs of our customers. allows you to assemble your own dedicated server with any combination of hardware, memory or processor. By using our user-friendly drag and drop configuration tool you can easily build your own dedicated server completely tailored to your own needs. All you have to do is to drag or click the components you need. Our custom-built dedicated servers provide enterprise solutions which allow you to maximize your IT environment.