Blog Header Banner

Archive for the ‘New York Datacenter’ Category

Earth Day and Your Data Center – Green is Not What It Used To Be   no comments

Posted at Apr 19, 2022 @ 9:00am New York Datacenter

As we celebrate Earth Day, many businesses, organizations and individuals will take additional time to reflect on their impact on our environment and the contributions we can all make to a sustainable future. Organizations like EarthDay.org help spearhead awareness and direct-action options we can all consider in our own lives to be ‘greener’.

The term “Green”, “Being Green” or “Going Green” all have multiple variations and meanings, but in general, we all accept that it means to help sustain the environment in some fashion. Many years ago, the Earth Day movement started more with a focus about recycling. Today, it has evolved into an awareness of sustainability by reducing overall carbon footprints through less consumption (and output of non-renewable resources to produce the goods and/or power we consume).

One of the largest non-green impacting areas we see is electronic devices like our mobile devices, computers, and servers. While desktop computers at least have power saving modes that often can reduce their usage, they still consume (and impact the environment) roughly the same as 4,500 miles driven per year of a typical US car. Servers are the worst offenders of the bunch, running 24/7, consuming large amounts of energy to keep your email, files, apps, and websites running all the time even when we are asleep.

Those high energy consuming servers, and in some cases office desktop PC’s, can all be moved to the cloud through cloud-based servers and colocation.  It may not seem obvious, but moving your servers and desktop PCs into the cloud can make a huge impact. While data centers can consume massive amounts of energy to keep those cloud-based servers running 24 hours a day (especially the massive industrial air conditioning and redundant power systems in place to support these facilities), the fact is that data centers can be scaled up to effectively utilize the best-in-class options to be efficient and sourced from green energy, to substantially reduce, or in fact eliminate their entire carbon footprint. If you colocate or host your servers in such a data center, you effectively reduce your impact on our environment significantly.

TurnKey Internet’s Green Data Center was built to have an effective carbon footprint of zero  – sourcing all its power from a massive on-site solar array and hydro-electric power provided by New York State’s Recharge NY program, on top of the most cutting-edge power efficiency and data center cooling technology.  TurnKey Internet’s state-of-the-art data center won the New York State Environmental Excellence award and The U.S. Federal Government’s Environmental Protection Agency awarded the facility the 2nd only New York Energy Star Certified Data Center designation.

So from our stand point, green is about minimizing or having zero impact on the environment – and more so, we are helping businesses take their office servers, computers, and other IT infrastructure into the cloud to minimize their carbon footprints too. This Earth Day, take a look around your home or office – and see what small changes you can do to help improve your impact on the world.

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Data Center Security: Keeping your Servers and Data Safe   no comments

Posted at Aug 3, 2021 @ 9:00am New York Datacenter

datacenter-security

The question of where to store data and sensitive information continues to concern many businesses. If you are like most companies, you worry about the security of your data. You may be thinking that you need to keep the data as close to you as possible, storing it at your own on-site data centers where you can “keep an eye on everything.” How could you possible know what is happening with your data at servers far away from your office space?

The fact of the matter is, however, that your data is much more secure at a Data Center & Cloud provider than on your in-house servers. A cloud provider is able to offer you many more security features and guarantees for your data than you have in your own space. However, you have to feel comfortable with your cloud provider keeping your data. A quick look at the many benefits of cloud storage may help convince you.

The Benefits of Moving to the Cloud

Choosing to move your information and data to the cloud is no easy decision. However, the number of benefits that data center and cloud providers offer to you and your business can make this change well worth it. Consider the many benefits, including:

  1. Data security – Possibly the most important aspect of cloud storage, data security is the main priority of cloud providers. With some high-profile companies becoming the victims of data breaches in the last couple of years, cloud providers have upped their investments in access control, identity management, intrusion prevention and virus and malware protection. These improvements have resulted in increased security protocols and more protection for communication between users and servers.
  2. DDoS protection – Distributed Denial of Service (DDoS) attacks are designed to overwhelm cloud servers, flooding them with requests until the security breaks down and actual user needs are ignored. Such an attack can derail a business quickly, losing revenue, customer trust and authority. Cloud providers are now providing services that monitor and protect against DDoS attacks.
  3. Regulatory compliance – Cloud providers are required to follow the industry and governmental regulations that oversee their sectors. This includes guarantees and restitutions for your data in the event of a breach.
  4. Reduced in-house data costs – Migrating all of your data to a cloud server will allow you to reduce the size and cost of your on-site location. For example, you will be able to remove servers, lower your software costs and potentially reduce IT staff without compromising the integrity or security of your data. Most cloud storage is paid on an as-needed basis, so you will only pay for the amount of server and infrastructure capacity that your business needs, and you can change that amount at any time.
  5. Constant availability – Cloud providers are exceptionally reliable. The connection is on 99.99 percent of the time, only going down for maintenance, and you will have access to your applications and data at all times and from practically anywhere.
  6. Improved mobility and collaboration – Cloud storage is available to those who need it no matter where they are located. With today’s internet connections via tablets and smartphones, you will be able to access your data and your applications no matter what you are doing. You can also share your information and conduct collaborations via shared storage capabilities offered by cloud providers.

Choosing the Right Data Center & Cloud Provider

Once you have decided that storing your information on the cloud is the right decision for your business, you will need to find the right provider. You are placing all of your important data in the hands of this provider, so you must make sure that you choose the right one.

The best way to find the right cloud provider is to begin by talking to some of the provider’s current clients. These are the people who have already made the decision to trust the provider, and they will have the best insight into how the provider works and what it can offer. Try some of these questions to discover more about the service that you are considering:

  • Did you find the on-boarding process relatively easy to accomplish?
  • Did the service provide education and training about the new technology for your staff?
  • What is the technical support like when you encounter problems with the service?
  • Have you personally experienced any serious security concerns or incidents?
  • How have your security concerns been handled by the provider?

If you are dissatisfied with any of the responses to these questions, you do not have to use that particular provider. Keep looking and asking questions until you find a cloud service that meets your needs and that makes you feel comfortable.

Your Security and Peace of Mind

Technology is constantly changing and improving, and you need to be able to trust that your data center provider will keep up with the evolution of security needs. For any cloud service, find out whether there are security protocols in place, including:

  • Physical security of the data center
  • Environmental controls
  • Back-up measures for power and internet
  • Back-up measures for your data
  • Technical support when you need it

Frequent system audits are also necessary in order to ensure that all servers meet or exceed industry standards for data security.

When you are searching for a cloud provider, ask potential candidates about their compliance to SSAE 18/SOC. This set of standards measures the amount of control that a service organization maintains over your sensitive data and financial information. An audit will report any flaws in data flow.

You should also inquire about compliance to the Health Insurance Portability and Accountability Act (HIPAA). This regulation ensures the security and privacy of private health information that is stored on cloud services. A HIPAA audit will demonstrate holes in the security of such specific and sensitive data.

If your cloud provider choice is compliant with both of these standards, you can rest assured that your sensitive data will be monitored and its integrity will be maintained at your data center.

TurnKey Internet’s Data Center

TurnKey Internet owns and operates its own private data center located in New York’s Tech Valley region. Our SSAE-18 SOC certified, HIPAA compliant data center was a former U.S. Government building that was purchased by TurnKey in 2010. It is made to U.S. Federal Government standards, with 1-foot thick concrete along the perimeter, plus additional reinforced walls and security enhancements. We have installed advanced security systems, and infrared based surveillance monitoring cameras. Employees all undergo background screening, and clients are not permitted within the facility except with photo ID and escorted by trained security personnel at all times.

Owning our data center, we have been able to design, build and maintain every aspect of its construction to provide an ideal hosted server environment. This allows us to provide our clients fast, secure and reliable performance at all times.

Choosing to put your business information in a cloud service rather than housing it on-site is an important decision that requires careful vetting of your potential provider. Once you have chosen a service, you can trust that your data center will keep your important information safe and secure.

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Written by David Maurer on August 3rd, 2021

Tagged with , , ,

What is a Data Center? (A Basic Guide)   no comments

Posted at Feb 16, 2021 @ 9:00am New York Datacenter

What is a Data Center?

You don’t have to be a tech startup to benefit from ready access to your data. Digital information is becoming increasingly important to companies of all sizes in all kinds of industries. Data centers let you store, modify, access and back up your data safely, reliably and economically. Here’s how they work and why they might be right for your organization.

Data Center Basics

Data centers are dedicated physical facilities that house the networked computer equipment that contains your information. Although their design varies, the majority include some of the following common elements:

 

Servers

Servers are computers made to be constantly running. Unlike your personal desktop or laptop, most servers are headless, meaning that they lack monitors, keyboards and other interfaces that facilitate direct human interaction. Instead, they connect to other servers and clients via local network and internet connections. For instance, when you access your favorite websites, you’re really sending a request to a remote server that responds with the information needed to display the pages you want.

 

Racks

Servers are made to be compact, and racks let you stack armies of them in a small space. Racks may house their own cooling devices and monitoring components. Some even include custom components, vibration absorbing materials and soundproofing elements. Rack units come in a number of standardized sizes made for various equipment. Their design makes it possible to mount shared power units, route cables neatly and install servers in a fashion that permits free air flow.

 

Network Infrastructure

Linking servers together requires more than just network cables. Like the home or office networks that you might be familiar with, these systems require switches, routers, firewalls and other connecting hardware that controls the flow of data and permits secure external access between a remote client and a server. Most data centers feature redundant network connections from multiple Internet Service Providers (ISPs), allowing them to have a bandwidth capacity of more than 10,000x that of a typical office cable internet connection. This redundancy also allows some data centers the ability to offer Network Uptime Guarantees or Service Level Agreements (SLA) to their clients.

 

Environmental Systems

Even though racks and servers commonly have their own local cooling fans and ducts, all of the heat that they cast off has to end up somewhere. Cooling systems ensure that your data center doesn’t turn into a hot sauna by circulating air inside the facility, controlling moisture levels and exchanging heat using an air conditioner or similar device. These systems must be capable of constantly running since servers generate significant heat even when they’re not chugging along at full steam. Temperature management is one of the most important aspects of operating a data center. Proper cooling saves expensive equipment from overheating, shutting down unexpectedly or sustaining permanent damage.

 

Performance Monitoring Equipment

How do you know when your office server is running smoothly? Although checking your website is one option, it’s not very effective at stopping problems in advance. Performance monitoring devices featured in data centers let engineers observe the conditions in their facilities to ensure that everything is going according to plan. Tracking different variables, such as temperatures, power usage, and network activity give data centers deeper insights into the overall performance of your company’s servers, allowing them to take specific actions in case of problematic conditions.

 

Power Infrastructure

Most data centers feature power distribution units, or PDUs, and components like uninterruptible power supplies, or UPS, that continue providing electricity in case of blackouts. Data centers will also incorporate backup generators to ensure continuous power is delivered to your IT equipment in the event of a disaster which wipes out local utility power. Some data centers will even take an environmentally-conscious approach by leveraging green, clean energy via solar and hydro electric power.

 

Why Are Data Centers the Standard?

Data centers have come to dominate a landscape once populated with in-office server racks and general-purpose computer networks. While these elements still play roles in many business models and processes, their fall from prominence reflects a number of advantages that only data centers can claim.

Because they’re specifically designed to store servers and keep them running safely even if your office network goes down, professional data centers offer benefits such as:

  • High availability, or the tendency for your website or company data to be accessible at all times
  • Robust servers and networking hardware that can easily be scaled up or down
  • Physical security brought about by the face that many facilities control who comes and goes
  • Network security that meets modern and certified standards
  • Faster network connections that provide quicker backups and more pleasant user experiences
  • Fire, flood, and other forms of disaster recovery and mitigation for business continuity
  • 24/7/365 IT Support Staff

 

Could Your Organization Benefit From a Data Center?

It may seem tempting to do everything in-house, especially if you’ve already invested in your own servers or a computer room. Although some organizations don’t need dedicated data centers, many are leveraging the advantages to propel their enterprises forward in a business ecosystem that’s only growing more digitized.

Do you want your site to be accessible at any time from any location in the world? Are you prepared to replace your critical network infrastructure in the event of a disaster? How much are you spending on facility power? While there’s definitely a call for keeping some computing hardware local and maintaining your own IT staff, data centers make it possible to reduce operating overhead and increase reliability in these and many other areas.

For organizations that depend on data to power their decision-making, connect users and get work done, the choice is clear. To learn more about incorporating data centers into your business model, contact TurnKey Internet today!

 

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Written by David Maurer on February 16th, 2021

Tagged with , ,

Migrating To The Cloud   no comments

Posted at Jan 8, 2019 @ 9:00am New York Datacenter,turnkey cloud

Choosing to migrate your company’s IT infrastructure and data to the cloud is no easy decision. However, the number of benefits that the cloud offers to you and your business can make this change well worth it. The cloud is able to offer you many more security features and guarantees for your data than you typically have in your own on-site server room. Let’s take a look at some of the benefits migrating to the cloud will provide.

 

Better Data Security

Possibly the most important aspect of cloud storage, data security is the main priority of cloud services. With some high-profile companies becoming the victims of data breaches in the last couple of years, cloud providers have upped their investments in access control, identity management, intrusion prevention and virus and malware protection. These improvements have resulted in increased security protocols and more protection for communication between users and servers.

 

Improved Availability

Cloud providers are exceptionally reliable. The connection is on 99.99 percent of the time, only going down for maintenance, and you will have access to your applications and data at all times and from practically anywhere. Data stored in the cloud is available to those who need it no matter where they are located. With today’s internet connections via mobile devices and smartphones, you will be able to access your data and your applications no matter what you are doing.

 

Reduced Costs

Migrating all of your data to the cloud will allow you to reduce the size and cost of your on-site location. For example, you will be able to remove servers, lower your software costs and potentially reduce IT staff without compromising the integrity or security of your data. Most cloud storage is paid on an as-needed basis, so you will only pay for the amount of server and infrastructure capacity that your business needs, and you can change that amount at any time.

 

Finding the Right Data Center

Once you have decided that storing your information in the cloud is the right decision for your business, you will need to find the right provider and data center. You are placing all of your important data in the hands of this provider, so you must make sure that you choose the right one. Technology is constantly changing and improving, and you need to be able to trust that your cloud provider will keep up with the evolution of security needs. Before choosing a data center, you should inquire about the physical security of the facility, what back-up measures for power and internet are in place, as well as what level of support is available to you if you need it.

When you are searching for a data center, ask potential candidates about their compliance to SSAE-18 and SOC. This set of standards measures the amount of control that a service organization maintains over your sensitive data and financial information. An audit will report any flaws in data flow. You should also inquire about compliance to the Health Insurance Portability and Accountability Act (HIPAA). This regulation ensures the security and privacy of private health information that is stored on cloud services. A HIPAA audit will demonstrate holes in the security of such specific and sensitive data. If your data center choice is compliant with both of these standards, you can rest assured that your sensitive data will be monitored and its integrity will be maintained.

TurnKey Internet owns and operates its own private, SSAE-18 SOC  1 & SOC 2 certified, HIPAA compliant data center located in New York’s Tech Valley region. Our data center was a former U.S. Government building that was purchased by TurnKey in 2010. It is made to U.S. Federal Government standards, with 1-foot thick concrete along the perimeter, plus additional reinforced walls and security enhancements. We have installed advanced security systems, and infrared based surveillance monitoring cameras. Employees all undergo background screening, and clients are not permitted within the facility except with photo ID and escorted by trained security personnel at all times.

Owning our data center, we have been able to design, build and maintain every aspect of its construction to provide an ideal hosted server environment. This allows us to provide our clients fast, secure and reliable performance at all times. We’ve also been able to leverage the state-of-the-art in green technologies, making our data center among the most energy-efficient world-wide. For more information, visit https://turnkeyinternet.net/datacenters

 

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Written by David Maurer on January 8th, 2019

Tagged with , , , ,

Power Maintenance and Data Center Building Upgrades at TurnKey Internet in Albany New York   no comments

Posted at Dec 11, 2017 @ 2:59pm New York Datacenter

TurnKey Internet Data Center

On Tuesday, December 12th, our primary Data Center in Albany NY will be undergoing power maintenance and upgrades with National Grid to complete the installation of our new 2N (Fully Redundant) Generator System.

During this time, power to the building will be diverted for safety reasons, and our data center will be operating on our redundant diesel power generators. Various contractors and vendors will be on site to ensure everything goes as planned. There will be no service disruption or downtime, this is an informational notice only.

This upgrade will be providing our Albany Data Center with a fully redundant and independent 2N Generator System that sources from multiple Fuel Systems, flowing through multiple ATS (Auto Transfer Switch) systems, along with our already N+2 Redundant Cooling systems to continue to upgrade our facility at the highest level of redundancy and reliability possible. Upon completion, our Albany Data Center will be ranked in the Tier IV category for redundancy and reliability, and continue to be the best and most reliable facility in New York’s Capital Region.

You can read more about what this means and the bright future ahead on our website here: https://www.turnkeyinternet.net/datacenters/new-york/albany/

 

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

TurnKey Internet, Inc Completes State-of-the-Art Green Datacenter Expansion   no comments

Posted at Dec 13, 2016 @ 9:42am New York Datacenter,Press Release

LATHAM, NEW YORK (December 13th, 2016) – Leading Datacenter and Cloud Hosting Solutions provider TurnKey Internet, Inc. announced today the completion of the expansion to its flagship Datacenter in New York’s Tech Valley Region. The expansion increases total capacity of the New York datacenter by 50% as well as adding additional network capacity, high speed computing servers, and redundant environmental systems to meet the growing demand for its Colocation and Cloud-based solutions.

Less than six months after announcing the opening of their new California datacenter, TurnKey Internet’s latest expansion to its flagship New York Datacenter continues to strengthen the company’s enterprise-class cloud-based infrastructure, which currently provides solutions to clients in over 150 countries. The expansion not only increases total capacity, but also includes upgrades to the datacenter’s cooling systems, FM200 fire suppression and detection systems, as well as additional network redundancy and capacity.

Constructed in 2012, TurnKey Internet’s New York Datacenter leverages state-of-the-art green technologies, such as Cold-Containment Pods, smart-aisle cooling technology, and high voltage efficient power delivery systems. The facility maintains a zero carbon emission foot print by sourcing hydroelectric power through Governor Cuomo’s ‘ReCharge NY’ Program and using its advanced on-site solar power array. The facility is among the most energy-efficient datacenters world-wide. In 2013, the facility was the 2nd in New York to be designated as an ENERGY STAR® certified data center by the United States Environmental Protection Agency (EPA). In 2013 the New York State Department of Environmental Conservation awarded TurnKey Internet an Environmental Excellence Award for the cutting-edge green design and operation of the 100% non-fossil fuel consuming sustainable datacenter.

“The expansion of our New York Datacenter matches our vision of providing our customers access to best in class enterprise-grade IT resources on a ‘turnkey’ platform,” said Adam Wills, CEO of TurnKey Internet, Inc. He continued “Demand only is increasing for colocation and hybrid cloud solutions. The expansion of our datacenter and infrastructure allows us to continue to deliver the best Cloud Services with increased redundancy and more value to our existing and future clients.”

For more information about TurnKey Internet’s latest expansion or to speak with a Cloud Hosting Solutions expert, visit https://turnkeyinternet.net/

 

About Turnkey Internet

Founded in 1999, TurnKey Internet, Inc. is a full-service Cloud Hosting Solutions provider with Datacenters in New York and California specializing in Infrastructure as a Service (IaaS) to clients in more than 150 countries. Services offered in both East Coast and West Coast, USA – include Public Cloud, Private Cloud, Dedicated & Bare Metal Servers, Backup & Disaster Recovery, Online Storage, Web Hosting, Managed Hosting, Hybrid Solutions and Enterprise Colocation. Headquartered in New York’s Tech Valley Region, TurnKey Internet’s Flagship company owned Datacenter offers SSAE 16 Type II certification powered exclusively by on-site Solar and Hydroelectric sources to provide a 100% renewable energy footprint. In 2013 the facility was designated as the 39th ENERGY STAR® Certified Datacenter in the United States. For more information, please call (518) 618-0999 or visit www.turnkeyinternet.net/media.

 

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Written by David Maurer on December 13th, 2016

Tagged with , , , , ,

Crane Day: TurnKey Internet’s 2016 Expansion Continues   no comments

Posted at Sep 14, 2016 @ 8:45am New York Datacenter

cranedayTurnKey Internet’s latest expansion of our New York Datacenter continues on with “Crane Day”

This year’s “Crane Day” included upgrades to our datacenter’s cooling system with the installation of new equipment on the roof (right next to all of our awesome solar panels!)

These upgrades will help keep all of the servers located in our newest POD expansion running nice and cool.

To check out some additional photos from “Crane Day” visit our Facebook page here!

More 2016 Expansion updates will be coming soon!

 

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Written by David Maurer on September 14th, 2016

Tagged with , ,

TurnKey Internet 2016 Expansion – Sneak Peak   no comments

Posted at Aug 3, 2016 @ 11:53am New York Datacenter

Ever wondered what goes inside those state of the art datacenters that run ‘the cloud’? Here is a sneak peak on day 1 as TurnKey Internet (https://turnkeyinternet.net) is expanding its New York Datacenter servicing the Capital Region with Colocation, Cloud Services and Disaster Recovery backup solutions.

More videos and pictures coming soon… Stay tuned!

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Written by David Maurer on August 3rd, 2016

Tagged with , , , ,

TurnKey Internet is EXPANDING!   no comments

Posted at Jul 29, 2016 @ 10:23am New York Datacenter

expansion2016

We are excited to share with you a sneak preview of the latest expansion to our New York Data Center.

Today we begin construction on our newest POD as we expand to meet the high demand for Cloud Hosting and colocation services.

We’d love to share more with you however there are still multiple tractor-trailers full of equipment, and unfortunately they won’t unload themselves.

However please stay tuned… there will be more information, photos, and even videos to come!

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Written by David Maurer on July 29th, 2016

Tagged with , , ,

PCI DSS Compliance in the Cloud for Web Sites, Servers, And Colocation   no comments

pci-dss compliant datacenter

pci-dss compliant datacenter

Active readers of the blog will know that I tend to write articles that you can apply to your everyday hosting. In the past, I’ve written you articles on backing up your software, determining if you need a dedicated server, what exactly is DNS and the list goes on. The one common thread these articles have is that each article assumes you have some type of hosting or possible server. In fact, these articles assume that you’re selling or possibly interested in selling products online. When you branch to selling your products online, you need to be aware of some type of mysterious item called Payment Card Industry Data Security Standard or PCI DSS. This will be the focus of our post today so let’s jump right into it.

 

What is Payment Card Industry Data Security Standard (PCI DSS)?

 

The payment card industry data security standard is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment for their customers. PCI DSS compliance is there to ensure that cardholder data is not stolen and shared around the globe. As a store owner, whether this be a website or a physical store, it’s your responsibility to ensure your customers data is protected and secure. PCI  DSS compliance is a standard set by the PCI Security Standards Council(PCI SSC). You can read about the standards here:

 

https://www.pcisecuritystandards.org/

 

PCI compliance against common belief isn’t actually a federal law in the United States, however, some U.S. states refer directly to the PCI DSS. For example, in 2007, Minnesota enacted a law that prohibits the retention of payment card data. In the 2009, Nevada followed suit. In the state of Nevada, merchants  are now required to comply with the PCI DSS standard. This allows those merchants to be shielded from liability should a breach in security occur. The following year, in 2010, Washington state incorporated standard into law. However, merchants are not required to abide by the PCI Compliance, but those are who, are shielded from liability. You can read more about this here:

 

http://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard#Mandated_compliance

 

 

Now that we’ve covered what exactly PCI DSS compliance is, let’s see if this currently applies to your situation.

 

Do I need to be PCI DSS compliant?

 

To answer this question, I must first ask you one back. Are you currently taking online payments from your customers? If so, yes, I would HIGHLY recommend becoming PCI DSS compliant especially if you’re based in the United States or the UK.  To take this either further, yes, you’ve setup your ecommerce site and you’ve begun taking payments. At this point, you need to decide between two options

 

  1. Allowing a 3rd party website known as hosted payment gateway to process payments
  2. Taking payments directly from your website

 

Each method has its pros and cons. Using a 3rd party or a hosted payment gateway is the safer route. The hosted payment gateway will store, process and transmit the account data. You will then use the 3rd party’s Merchant ID to collect the money and greatly simplify your PCI DSS compliance. Of course, there are different type of hosted payment gateways which we won’t get into for this article but they are listed below:

 

  1. Redirect method that sends your customer to a different site to process payment and then return them back to your site once payment is completed
  2. Iframe method places a payment form that’s fully hosted by your payment provider into your website. The customer stays on your site and is never redirected
  3. Direct post method sends the data directly to the payment service provider

 

If you decide to take payments directly on your website, you will be storing, processing and transmitting account data to your server. You will have to sign up for your own merchant account and comply with the highest level of the PCI DSS standards. As you can see from above, if you’re taking online payments, you will need some PCI compliance to provide your customers with a safe state of mind when providing payments to services off your website.

 

Now that you know what PCI DSS compliance is and know that if you’re running an ecommerce site, what are the steps that you need to take to achieve the PCI DSS compliance

 

Steps to PCI DSS compliance

 

Listed below are steps to PCI DSS compliance. You can go to https://www.pcisecuritystandards.org/security_standards/documents.php?category=saqs to get a further in depth guide to the steps you would need. These steps below should be taken as a general guide

 

  1. Build an maintain a secure network
    1. Install and maintain a firewall configuration to protect cardholder data
    2. Do no use vendor-supplied defaults for system passwords and other security parameters
    3. Protect cardholder data
      1. Protect stored cardholder data
      2. Encrypt transmission of cardholder data across, open public networks
      3. Main a vulnerability management program
        1. Use and regularly update anti-virus software or programs
        2. Develop and maintain secure systems and applications
        3. Implementing strong access control measures
          1. Restrict access to cardholder data by business need to know
          2. Assign a unique ID to each person with computer access
          3. Restrict physical access to cardholder data
          4. Regularly monitor and test networks
            1. Track and monitor all access to network resources and cardholder data
            2. Regurarly test security systems and processes
            3. Maintain an information security policy
              1. Main a policy that addresses information security for all personnel

 

Following those general steps whether you’re processing payments directly on your website or using a 3rd party payment gateway, will help to ensure that your customers account data is protected and secure. It will also help to ensure you’re complying with PCI DSS standards and while PCI DSS standards aren’t federal law in the United States, complying merchants will greatly reduce the risk they could suffer from liabilities from a data breach

 

Currently, here at Turnkey Internet, we’re 100% PCI DSS compliant. All of our payments are secure and consistently monitored and updated to ensure that all customer data is secure. Being PCI DSS compliant at Turnkey Internet allows us to offer our customers a piece of mind that non PCI DSS compliant merchants can’t offer. Personally, if a company isn’t compliant it makes me wonder if I can truly trust the merchant with my secure account data.

 

Hopefully this article will help guide you to a PCI DSS compliant ecommerce website that will ofer the same piece of mind that Turnkey Internet offers all of our customers.

 

Listed below are some references that will provide you greater details on the process of becoming PCI DSS compliant

 

Until next time

 

https://www.pcisecuritystandards.org/index.php

https://www.pcisecuritystandards.org/smb/

https://www.pcisecuritystandards.org/security_standards/documents.php?category=saqs

 

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Written by Jeremy on October 28th, 2014

Tagged with , , , ,