Windstream Hosted Solutions has announced that its cloud and hosting data centers have validated compliance with the Payment Card Industry (PCI) Data Security Standards (DSS) version 2.0 as a “Level 1” certified service provider. The certification reflects Windstream’s full compliance with the PCI DSS standard.
PCI DSS is a comprehensive set of standards that requires all merchants and service providers that store, process, or transmit customer payment card data to adhere to strict information security controls and processes. Designed to prevent credit card fraud, the standards include 12 requirements that encompass security management, policies and procedures, physical security, network architecture, user access management, network and systems monitoring, and software development.
“As businesses continue to store, process, and transmit credit card information in data centers, we must work to minimize the risk of security breaches that impact customers while also putting businesses at risk of critical data loss and monetary liability,” said Chris Nicolini, Windstream’s senior vice president of data center operations. “Because of our commitment to our customers and the security of their data, Windstream has proactively met this service provider responsibility, alleviating some of the compliance obligations and costs placed on individual businesses.”
The Windstream PCI assessment was performed by BrightLine CPAs & Associates, Inc., a globally accredited Qualified Security Assessor (QSA) firm that provides assurance and compliance services to global companies. As a “Level 1-certified” service provider–the highest certification achievable–Windstream can store, process, and/or transmit an unlimited amount of transactions annually. To ensure maintenance of the highest standard of compliance, Windstream will independently scan for network threats and conduct annual audits with BrightLine.
“We are making it simple for government, education and business customers to select Windstream by providing industry validation of our high-touch approach to ensuring security and confidentiality of strategic, personal, financial and security information,” said Matt Preschern, Windstream’s senior vice president and enterprise chief marketing officer. “This is part of our greater strategy of expanding capability, security and regional presence as we double our cloud and hosting business. In addition to industry qualifications, Windstream offers contracts such as HIPAA Business Associate Agreements (BAA) which confirm our commitment to patient health information security.”
