Will Your Customer Info Fall Into the Wrong Hands?

The internet brings us a myriad of opportunities for connecting, socializing, and doing business. It’s helped millions of companies reach new markets, expand their offerings, and, above all, grow.

Today, Jeanne DeWitt discusses how this opportunity comes with many risks for businesses, especially small to midsize ones.

 

Small and Medium-Sized Businesses are Big Targets

Cybercriminals understand that small to medium businesses lack the time, money, and resources to create and manage a comprehensive, ever-evolving online security strategy. In a company where every employee wears many hats, oftentimes cyber threats can sneak in, and corporate security posture can be easily overlooked.

Hackers will continue to become more sophisticated, using cutting-edge methods of breaking into networks to steal sensitive customer data. Today, bad actors use coordinated attacks that may include ransomware, social engineering, and phishing scams to access a company’s private data.

Clever schemes will exploit businesses’ human element to extract data they can sell in nefarious areas of the Internet for big dollars.

Protect Your Clients and Yourself

So, as an MSP, how should you protect yourself and your clients?

By partnering with a reputable, secure cloud service provider, you can fill a market need in the small to medium business space. These companies are excellent prospective clients, as they seek MSP advice and oversight to remain compliant and secure online.

As we know, a firewall, once a simple solution for Internet security, is no longer enough. Providing a comprehensive multilayered approach that includes a secure cloud solution will build confidence with your clients and provide a much-needed service offering in the marketplace.

Cloud hosting tends to be safer than on-premise infrastructure because cloud service providers have made huge investments to keep it that way. Cloud providers have more resources, capability, and dollars to invest in their offerings.

Cloud hosting incorporates:

  • Updated intrusion detection and prevention
  • Encryption
  • Advanced firewalls
  • Physical security like armed guards and restricted physical access

As an MSP, you will pay a flat-rate monthly fee for a cloud environment, then take care of on-going maintenance on behalf of your clients, including ongoing security, management, and support.

Choose the Right Cloud Partner

CPU offers cloud services to MSPs with no contracts and no additional costs. With all the tasks you’re handling for clients, worrying about your data center’s protection should not be a concern.

Your cloud infrastructure will be hosted in a highly reliable, highly secure, tier three data center. You can depend on our robust support, and you’ll maintain full account control.

Let’s start a conversation. Call us today at 866-883-8836 or send us an email. We would love to help you support your customers.

Will Your Customer Info Fall Into the Wrong Hands?

The internet brings us a myriad of opportunities for connecting, socializing, and doing business. It’s helped millions of companies reach new markets, expand their offerings, and, above all, grow.

Are You Sure Your Cloud Provider Is Certified PCI Compliant?

It’s Very Easy To Assume All Cloud Providers Are Fully Compliant. But, Upon Closer Inspection Unless You Request Full Disclosure, You May Discover Their Compliance May Not Meet All PCI DSS 12 Requirements…

Along with protecting clients, an MSP must take necessary steps to protect their organization when choosing a Certified Cloud provider, like CPU. Should that provider not meet the 12 requirements for PCI DSS compliance, it could spell trouble for the MSP wanting to offer cloud services.

As an MSP, you need to do your due diligence when inspecting your cloud provider’s compliance. If you haven’t discovered it yet, not every provider stating they are certified can meet the PCI DSS security standards.

 

What PCI Security Standards Should An MSP Expect From Their Cloud Provider?

This is extremely important to know and stay abreast of any changes. It would be best to consider how the Cloud provider’s compliance or lack thereof will impact your clients. The negative impact it can have on your clients who must follow payment card compliance if uncovered later, the cloud provider was not, would devastate their business.

Here’s what you want to know. A Certified Cloud provider that is compliance-focused, only offers a fully managed PCI compliant cloud, like CPU, and follows the guidelines set by the PCI Security Standards Council (SSC). They will take the necessary steps to obtain and maintain their PCI DSS compliance. If the cloud provider is proactive, they will provide their status level, i.e., v3.1, v3.2.

What Are The 12 PCI DSS Compliance Requirements?

For an MSP, compliance is a way of life. When it comes to the Healthcare industry, they want to know everything about HIPAA. With the Financial industry, it’s FINRA, and with the Payment Card industry, it is PCI DSS compliance as set forth by the PCI SSC.

So, below, I’ve listed the 12 PCI DSS compliance requirements as a quick reference for you to review often. Should you have a current cloud provider request and inspect their credentials, to determine if they meet or exceed these compliance requirements.

  1. Use and maintain firewalls
  2. Proper password protection
  3. Protect cardholder data
  4. Encrypt transmitted data
  5. Use and maintain anti-virus
  6. Properly updated software
  7. Restrict data access
  8. Unique IDs for access
  9. Restrict physical access
  10. Create and maintain access logs
  11. Scan and test for vulnerabilities
  12. Document policies

For the record, CPU is Certified PCI DSS compliant. We are proactive about PCI compliance and stay abreast of changes and updates in the Payment Card Industry. We take the necessary steps to update ourselves and align our organization with the PCI Security Standards Council (SSC).

Call us at (866) 883-8836, and let’s continue this conversation. We can discuss how your MSP can take full advantage of the cloud to serve your clients better.

Are You Sure Your Cloud Provider Is Certified PCI Compliant?

Along with protecting clients, an MSP must take necessary steps to protect their organization when choosing a Certified Cloud provider, like CPU.