PCI compliance is something you must take seriously in the eCommerce hosting world. Mandated by Visa and Mastercard, PCI compliance is a set of guidelines you must follow if you want to accept credit card payments in an online environment. This is also known as a 'card-not-present' environment. The rules are very different from a typical retail scenario. PCI compliance is not just about online encryption. It also covers data backups, equipment access, building security and more.
We keep our hosting environment located in a secure data center. Could we host our equipment ourselves in our own office space? Sure. It would be cheaper and translate to a better bottom line for us.
But a typical office environment lacks the physical access security necessary to maintain PCI compliance. Would you want all of your client and sales information housed in a room where only 1 key gets access to everything? Of course not.
You want security cameras monitoring every entrance and exit. You want electronic badges securing every door. You want physical keys required to access any piece of equipment. And you want humans watching it all 24/7/365.
That's why we use a data center. Anything less is simply taking a risk you don't have to take.
Our data center meets or exceeds all applicable standards set forth for PCI and HIPAA compliance. Credit card or Patient data is passed over secure VLANS and physical security is ensured through multiple documented procedures.