What level of PCI compliance do you require? If you need a PCI cage or something like that, it's almost always an extra charge. To just make the server itself PCI compliant isn't really that difficult. If you have managed hosting, that should be included in your management services.
The actual PCI scan will be your responsibility however. My only advice there is to avoid trustwave as they want TLS 1.0 completely disabled which isn't practical right now. Disabling weak ciphers is sufficient for other scanners until support for TLS 1.1+ is more common.
What level of PCI compliance do you require? If you need a PCI cage or something like that, it's almost always an extra charge. To just make the server itself PCI compliant isn't really that difficult. If you have managed hosting, that should be included in your management services.
The actual PCI scan will be your responsibility however. My only advice there is to avoid trustwave as they want TLS 1.0 completely disabled which isn't practical right now. Disabling weak ciphers is sufficient for other scanners until support for TLS 1.1+ is more common.
I am not sure the exact "level" the one for accepting credit cards and using netbilling I will check on that. I appreciate your input. I do have managed hosting and need some software upgrades basically is all. It seems its not included and I want to hear what others are doing about it
You don't need anything special. You need ssl cert. That is not outdated installed on the domain which you will use to collect card info.
Also, collecting card data and passing it to gateway is the norm. The pci compliance questions your gateway asks to complete should be the short version, about 5 pages max.
You do not store the actual card numbers so you are not obligated to provide the more stringent pci compliance requirements and questions, about 115 pages of questions regarding your policies.
Hi there. I require a PCI compliant server.
Can you tell me does your host charge extra for this?? What are the options?
Hi,
We he naked all data storage for you so all you need is an SSL certificate if you are hosting the join/payment pages. Contact our support department for a recommendation. We have a deal with Digicert as well. Send me an email for a recommendation as well if you wish to Mitch at Netbilling.com
Thanks
Mitch Farber
CEO - NETbilling, Inc. Email / Phone: 888-357-8166 / 661-252-2456
Transaction processing & 24/7 call center services with exceptional rates and flexibility, since 1998!
Mitch Farber
CEO - NETbilling, Inc. Email / Phone: 888-357-8166 / 661-252-2456
Transaction processing & 24/7 call center services with exceptional rates and flexibility, since 1998!
Comment