OVH today has just received the PCI DSS (v3.2.1) Attestation of Compliance as a Payment Service Provider PSP level 1 in its London datacentre Erith, for its hosted Private Cloud solution. This is a continuation of the global hyperscale cloud provider’s strategy to gain recognition for the conformity of its services with best practice and international standards.
Issued by the PCI Council (Visa, Mastercard, American Express, Discover and JCB), PCI DSS (Payment Card Industry Data Security Standard) gives assurance to banks and users of online services that companies who handle confidential payment card data comply with specific security requirements. OVH, which has already received the attestation for its datacentres in France, Canada and Poland has now added the UK datacentre to the scope of compliance as well.
This means that OVH’s online retail customers, payment service providers and merchant agents will be able to install their payment applications onto a PCI DSS-certified cloudhosted in the UK. This will also help them to gain their own PCI-DSS certification quicker and more efficiently, with OVH having already validated the control points under its responsibility. The security of online transactions made by these online retailers’ customers will also benefit from this certification.
A certified level of security “We’re constantly implementing and improving the physical and logical security procedures of our global cloud infrastructure,” said Hiren Parekh, Senior Director for Cloud Services, OVH. “ISO 27001 concerns organisational and risk-based security, SOC 1 & 2 type II attests the reliability of our security controls, and ISO 27017 and CSA certifies our compliance with cloud best practice. PCI DSS is the professional certification with the highest level of data protection we’ve received in the last few years for our Hosted Private Cloud. It gives our customers another reason to put their trust in us and demonstrates OVH’s global commitment in the fight against credit card fraud.”
The audit was carried out by the Cyber Security consulting firm XMCO, registered as a Qualified Security Assessor (QSA) company. The firm analysed more than 2,000 records, of compliance and conformity with the PCI DSS requirements in order to certify the level of security of the Hosted Private Cloud solution.
OVH is a global, hyper-scale cloud provider that offers businesses industry-leading performance and value. European leader, OVH is the alternative in the cloud. Founded in 1999, the group manages and maintains 28 datacentres across 12 sites in 4 continents, deploys its own fibre-optic global network and controls the entire hosting chain. Relying on its own infrastructures, OVH offers simple and powerful solutions and tools that put technology at the service of business and revolutionises the way that its 1.4 million customers work. Respect for individuals, freedom and equal opportunities for access to new technology have always been firmly rooted principals of the company. Hence OVH’s motto, “Innovation for Freedom”.