Yottaa Is PCI Certified
We are happy to announce that Yottaa has attained our PCI DSS Level 1 certification. Any PCI certified environment that is hosted on the Yottaa network can now take advantage of our service provider PCI certification to provide additional protection for sensitive customer data.
What is PCI?
Companies that transact commerce online must be certified in accordance with requirements outlined by the Payment Card Industry Data Security Standard (widely known as PCI DSS). This means that a company complies with a set of data protection mandates developed by the major payment card companies for businesses that store, process, or transmit payment card data. Yottaa meets this description.
Whenever payment information can pass through an online service provider’s environment, that vendor may be considered “in scope” for the DSS and must be vetted accordingly. For more information on what’s in scope http://www.infosecisland.com/blogview/18637-PCI-Compliance-What-is-In-Scope.html and https://pciguru.wordpress.com/tag/in-scope/. Yottaa does not store or process payment data, but because we provide an online service to our eCommerce and mCommerce customers, we are considered to be in the scope of their PCI environment. In effect, Yottaa must guarantee that the protections they put in place are maintained as traffic and data are transmitted, and the DSS certification is the PCI’s way of endorsing that those protections are in place. We hold ourselves to the highest standards for performance and security, and this certification proves our commitment to our customers and theirs.