Keep Your Customers Safe While They Shop

How PCI-DSS and Rackspace Can Help

You must implement the following PCI controls. For each one, Rackspace can help by providing:
Install and maintain a firewall configuration to protect cardholder data

Managed Firewall

Rackspace Managed Firewalls provide the highest level of security, earning ICSA Firewall and IPsec certification and Common Criteria EAL4 evaluation status. Working with a Rackspace Security Engineer, you establish and are the sole owner of the set of rules that defines unwanted traffic. Based on this set of rules, information that is sent to your server is inspected and then filtered.

Do not use vendor-supplied defaults for system passwords and other security parameters

Vulnerability Assessment Services

Alert Logic’s Threat Manager is a cloud-powered vulnerability assessment and intrusion detection service to defend and protect systems against internal and external threats.

Protect stored cardholder data
Not applicable — you must implement this requirement
Encrypt transmission of cardholder data across open, public networks

SSL Certificates

Installation and renewal service for six certificates from the two leading and most trusted names in the industry, VeriSign® and thawte™. Extended Validation (EV), Organization Validated (OV), and Domain Validated (DV) SSL certificates available.

Use and regularly update anti-virus software or programs

Managed Anti-virus

Fully managed anti-virus solution offers proactive, sustained protection against viruses, worms, Trojans, spyware, and other malware for Windows or Linux servers. Features Behavioral Genotype Protection™ for zero-day protection by proactively identifying malicious code on file servers and deleting it before it executes or reaches endpoint computers on your network.

Develop and maintain secure systems and applications

Web Application Firewall

Leverages industry-leading SecureSphere® & ThreatRadar technology from Imperva, the leader in web application security. The Rackspace WAF Service is fully supported by our Professional Services Team, which deploys, tunes, profiles, troubleshoots, and manages your device. Service also includes re-tuning your web application firewall as you make changes to your application.

Restrict access to cardholder data on a need-to-know basis

Managed Active Directory

Rackspace Managed Servers with Intensive® Proactive Support include customized Active Directory management services.

Assign a unique ID to each person with computer access

Two-Factor Authentication

Backed by industry-leading RSA SecurID technology, with a 20-year history of outstanding performance and innovation and a team of Rackspace CCSP- and RSA-certified professionals to fully manage your dedicated RSA SecurID appliance and tokens. Each RSA Authenticator token automatically generates a unique password every 60 seconds. Two-factor authentication using a unique PIN and the authenticator token password offers a more reliable level of user authentication than reusable passwords alone.

Restrict physical access to cardholder data

Data Center Security

Rackspace data centers are PCI-DSS and Safe Harbor compliant in addition to having SSAE16 Type II, SOC1, SOC2 (Security and Availability Only), and SOC3 audits on file for all data center facilities. Specific policies exist both to prevent unauthorized physical access, damage, and interference to our organization’s premises and information and to confirm that only approved users are granted access to appropriate systems and resources.

Track and monitor all access to network resources and cardholder data

Log Management

The Alert Logic Log Manager™ automatically aggregates, normalizes, and stores log data from your environment to simplify log searches, forensic analysis, and report creation through real-time or scheduled analysis. LogReview, a service enhancement to Log Manager, provides daily event log monitoring and review by a team of Alert Logic security professionals.

Regularly test security systems and processes

Threat Management

The Alert Logic Threat Management™ system monitors your Rackspace environment, detecting external and internal threats. When it detects an incident, Alert Logic’s ActiveWatch service provides expert guidance from its security operations center (SOC), staffed around the clock by Alert Logic security analysts. Integrated vulnerability scanning helps you identify possible points of entry and correct them, and assists you with meeting regulatory compliance requirements.

Maintain a policy that addresses information security for all personnel
Not applicable — you must implement this requirement

Remember that simply hosting with Rackspace doesn’t automatically make you PCI-compliant. And while technologies can help in your efforts toward PCI compliance, tools like Firewalls, Intrusion Detection Systems and Log Management appliances are only as effective as the people and processes in place to install and manage them.

We can work with you to build a framework for outlining and managing the process and technology requirements of PCI-DSS.

PCI and your cloud environment

When you host your environment with Rackspace, you may also sign up with a separate payment processor who provides tokenization—replacing credit card data with meaningless numbers or “tokens”. When you accept a payment, non-PCI data routes to your Rackspace-hosted environment, while the tokenized credit card data routes to your payment processor.

Since your customers’ credit card data does not route to your Rackspace-hosted infrastructure, only to the payment processor, your Rackspace environment stays out of the scope of your PCI requirements.
