If you’re here, you probably just learned that you need to be PCI-compliant and are in a scramble to figure out how to do that without breaking the bank. Very few providers have an easy solution for you, and the list of requirements might seem impossibly daunting.
Never fear! We are here to help. We have an out-of-the-box solution that will handle everything for you. And it’s not that much more costly than our regular, premium WordPress hosting.
Why do I need PCI-compliant hosting?
Great question! Basically, anyone who accepts credit card payments through their site needs to be PCI-compliant. Technically, that even includes those of you who use PayPal to handle all of your payments entirely off-site!
The thinking goes that if someone is considering using their credit card on your site, you need the entire thing to be secure so that those credit card numbers are safe. WordPress sites get hacked all the time and it wouldn’t be that hard for the attackers to piggy-back off of your payment systems and steal all of those card numbers.
What’s the fine for not being PCI-compliant? If you have a data breach and cardholder data is stolen, you could be looking at fines ranging from $5,000 to $500,000. And that’s not even factoring in your brand damage, litigation expenses, and other costs.
You need to protect your customers.
Who needs to be PCI Compliant?
Anyone accepting credit card payments on their website should be PCI-compliant, and that includes any kind of e-commerce site, membership sites where dues can be paid online, business-to-business sites with on-site payment abilities, and more!
Additionally, since our PCI-compliant servers actually provide a much higher degree of security, they’re also ideal for those looking to ramp up their security. Most of our clients that provide IT services and support, and anyone in finance, can also greatly benefit from having these added layers of security.
Many of our clients have requested to be put on our PCI-compliant servers because they use a security monitoring service like Trustwave that looks for security issues. Regular hosting will always fail these kinds of checks, but our hardened servers should meet all of the requirements set forth.
What does PCI compliance consist of?
Essentially, PCI-compliance consists of implementing certain protocols and security standards while hardening your hosting server to make sure it isn’t vulnerable to attack.
Some of the things included are using SSL certificates with TLS 1.2 (related – how to tell if your SSL certificate supports TLS1.2) to encrypt the communication between browser and server, closing ports on the server, and patching older versions of server software. There are thousands of things that need to be considered in order to be fully PCI-compliant.
Different types and sizes of organizations are also subject to different requirements. More data is available on the official PCI website.
Out-of-the-box PCI compliance
We offer out-of-the-box PCI compliance. What that means is that after we set up the SSL certificate and move your site to our hosting, you’re done! There’s no need for endless server hardening or other lengthy and difficult processes.
How do we accomplish this? The data center we use has servers that are pre-built to be PCI compliant. All of the appropriate patches have already been applied and all of the most secure settings are established. You won’t have to deal with any configuration or headaches.
We take care of everything!
If you’ve looked elsewhere for PCI-compliant hosting or, worse, tried to harden a server yourself, then you know how difficult it is to accomplish. We’ve had clients who spent literally thousands of dollars trying to make their hosting compliant. And even after many months, when they finally passed, they found that they were constantly having to make changes and troubleshoot new issues to stay PCI-compliant.
Most of our clients report passing their certification on the first try after switching to our hosting. That’s peace of mind.
What does it cost?
Much less than you’d think! We simply charge a flat yearly rate. That means no setup fee, no ongoing maintenance fees to keep it compliant, and no other hidden fees at all. Prices start at around $30/month. That’s less than you’re probably paying for your phone bill!
If you go elsewhere, you’re looking at a minimum of renting a VPS server for probably $30/month, and then having to pay someone potentially thousands to patch it to the point where it’s compliant. It’s simply not worth it.
Conclusion – PCI compliance doesn’t have to be difficult
If you work with us, we’ll get you set up in no time, and you won’t have to deal with any of the headache that comes with trying to configure your own server. Let us handle it all for you!