The huge experience ripened in database management, in CRM culture and in management of “one to one” relationship allowed to DVR of realizing products and services completes and powerful, joined to an extraordinary ease to use.
A NEW DATACENTER PCI DSS CERTIFIED
The aim of customer was the building, in a datacenter in Milan, of an IT security and network infrastructure able to respect the PCI DSS standard. This is because the customer has its own software that have the needs of storage information about credit cards and, so, is necessary to respect world standard.
Client requests were the following:
- Building of a security system with triple bastion firewall
- Split of services in DMZ networks, development and production networks
- Redundancy and flexibility of network part
- Respect of PCI-DSS standard in terms of architecture and security
The PCI-DSS standard (Payment Card Industry Data Security Standard) has been elaborated with the aim of standardizing the modalities of credit card data security management by PCI consortium, created by American Express, Discover Financial Services, JCB, MasterCard Worldwide e Visa International.
The responsible entity of PCI protection standard, is a global open forum, born in 2006, that occupies on development, management, information and spreading of PCI protection standard, which include: Standard of data protection (DSS), Standard of data protection for payment applications (PA-DSS) and PIN transactions security (PTS).
The five founders have decided to include the PCI DSS as a technic requirement for all their conformity programs for data security.Every member recognizes the validity for conformity at PCI DSS of QSA and of ASV certified by the responsible entity of PCI protection standard.
The project aim is the building of an IT security infrastructure able to respect both in terms of architecture and in terms of configuration, the PCI-DSS standard.
The infrastructure had to work for putting into service and ready for being checked by certification entity .
SOLUTION, BENEFITS AND CONNECT’S ADDED VALUE
The Connect-s added value was the use of competences in IT security field joined with team work in order to satisfy quality and rapidity requested by the customer.
The characteristics of the solutions are the following:
- Architecture witha triple security level
- Use of IPS technology and AV on perimeter
- Segregation at 2 or 3 level of networks
- Use of stacking technology for network part
- Use of cluster technology for security part
- Creation of appropriate network services (AAA, NTP, SYSLOG, etc…)
- Respect of PCI-DSS standard
The adoption of a new infrastructure allowed to:
- Obtain PCI-DSS certification for the infrastructure
- Production in rapid times of new services supported by Datacenter structure
- Increase efficiency, security and performance for DVR Italia customers compared to services make available by DVR Italia