SiteSphere CMS and e-commerce platform demonstrates data security with PCI compliance
The production SiteSphere platform has recently gained PCI compliance for enhanced payment account data security. The compliance relates to security management, policies, procedures, network architecture, software design and other critical measures for the company’s ‘SiteSphere’ CMS and e-commerce platform. Through this comprehensive standard ActiveBrand demonstrates its commitment to proactively help maintain consistent data security measures on a global basis, and protect customer account data.
The PCI DSS is a set of continuously developing comprehensive requirements for enhancing payment account data security, developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.
Key requirements:
- Build and Maintain a Secure Network
- Install and maintain a firewall configuration to protect cardholder data
- Do not use vendor-supplied defaults for system passwords and other security parameters
- Protect Cardholder Data
- Protect stored cardholder data
- Encrypt transmission of cardholder data across open, public networks
- Maintain a Vulnerability Management Program
- Use and regularly update anti-virus software
- Develop and maintain secure systems and applications
- Implement Strong Access Control Measures
- Restrict access to cardholder data by business need-to-know
- Assign a unique ID to each person with computer access
- Restrict physical access to cardholder data
- Regularly Monitor and Test Networks
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes
- Maintain an Information Security Policy
- Maintain a policy that addresses information security
PCI compliant status ensures our customers can have confidence in the data security standards operated when we handle sensitive customer data. Our status is monitored on a quarterly basis by external network scanning experts.
For more information about our current compliance status, please contact Ambrose Burgin by email at the Customer Helpdesk.