Click here to close now.




















Welcome!

News Feed Item

Latisys Announces PCI Compliance and HIPAA Risk Assessment for Cloud-Enabled Systems Infrastructure

Cloud Hosting Provider Continues Expansion of Portfolio in Response to Enterprise Demand for Compliant IT Infrastructure Services

ASHBURN, VA -- (Marketwired) -- 08/19/14 -- Responding to continued demand for outsourced IT services designed, tested and audited to meet the controls requirements of key government and regulatory standards, Latisys today announced that for the second year in a row it has achieved compliance with regulatory standards for delivering the highest levels of security and reliability as deemed by third party independent auditors.

Latisys is a leading provider of hybrid cloud hosting solutions delivered from its Cloud-Enabled Systems Infrastructure (CESI) and international platform of eight data centers. The annual reports distinguish Latisys' platform as being in alignment with key compliance and risk assessment requirements including:

  • The Payment Card Industry (PCI) Data Security Standard (DSS) 2.0
  • The Health Insurance Portability and Accountability Act (HIPAA) report for physical controls
  • The Gramm-Leach-Bliley Act (GLBA)--otherwise known as the Financial Services Modernization Act of 1999

The Payment Card Industry (PCI) Data Security Standard (DSS) is a set of security standards that are designed to ensure the security of credit and debit card transactions and protect cardholders against identity theft. PCI DSS consists of twelve broad security requirements and over 260 specific controls. Coalfire Systems is a leading Qualified Security Assessor (QSA) firm and is certified to perform PCI DSS compliance audits under the credentials issued to the firm by the PCI Security Standard Council. In keeping with the standard and the firm's credentials, Coalfire issued Latisys an Attestation of Compliance (AoC) with the PCI DSS.

Coalfire's assessment examined technical, physical and administrative controls associated with Latisys' ability to provide colocation and hosting that meets requirements established by PCI and other regulations cited above. Completion of the assessments provides Latisys with a formal third-party evaluation of its national platform and IT services for compliant hosting. Coalfire audited Latisys' policies and procedures for sections 8 (assigning unique user IDs) 9 (physical controls) & 12 (information security policies) of the PCI DSS.

Latisys continues to expand compliance related to its corporate network. The 2014 assessment covers the delivery of managed firewalls, which have now been audited for all PCI controls. Latisys threat management suite includes key features such as intrusion detection and prevention, password vaults, two factor authentication, security information and event management, penetration testing, and vulnerability scanning.

At Latisys' discretion, the results of the Coalfire assessment may be obtained by prospective customers and their auditors with an executed non-disclosure agreement. Latisys also offers a variety of managed services to assist in other areas of the standard or to provide comprehensive assistance designing and managing security practices such as firewall, VPN and intrusion detection.

"Latisys continues to expand its compliance portfolio in-line with what most enterprises and online businesses require to maintain compliance with multiple security standards, including the PCI DSS, HIPAA and GLBA," said Dirk Anderson, a Managing Director at Coalfire. "By deploying Latisys IT infrastructure solutions, enterprise customers benefit from validated controls that make compliance management far more effective."

In addition, Latisys' platform is operated under SSAE 16 (SOC 2 Type 2 and SOC 3) audited controls, which reaffirm Latisys' commitment to meeting the highest standards for availability and security, while making sure all of the appropriate controls and safeguards are firmly in place. Latisys' SSAE16 is validated across all Latisys facilities and covers both security and availability principles in detail. The SOC audits were performed last year by Ehrhardt Keefe Steiner & Hottman, P.C. (EKS&H), one of the largest CPA firms headquartered in the Rocky Mountain Region.

"Latisys has been and remains very focused on supporting customers who have a requirement to demonstrate compliance with regulatory and IT Governance requirements," said Pete Stevenson, CEO of Latisys. "Earning the Attestation of Compliance is a critical benchmark as we continue building our compliance portfolio to support enterprise customer needs."

With high-density data centers located in every U.S. time zone, Latisys' national reach enables multi-site redundancy, managed backup and secure disaster recovery including cloud-based DR solutions. Latisys' Tier III facilities are designed for the business continuity of mission-critical operations -- offering the power densities, cooling, backbone network and managed services with an eye toward reducing capital expenditures for storage and ongoing maintenance.

Latisys leads the IaaS industry in customer satisfaction with a Net Promoter score of 46, and recently received its first ever inclusion in the 2014 Gartner Magic Quadrant for Cloud-Enabled Managed Hosting, which can be accessed here.

About Latisys
Latisys is a leading provider of hybrid cloud hosting and data center solutions to medium-sized businesses, enterprise customers and government agencies. With a heritage serving business customers since 1994, and multiple high-density data centers across the United States -- and now in the United Kingdom -- Latisys offers a scalable outsourced IT infrastructure platform that provides customers with what they need, when they need it. As a client-centric company -- with state of the art data centers in Ashburn, Virginia, Chicago, Denver, Irvine, California and London -- Latisys is quickly becoming the IaaS platform of choice for companies that seek a truly flexible IT infrastructure partner. Call 1-866-956-9594, visit www.latisys.com or follow us on Twitter at https://twitter.com/Latisys for additional information. All Systems Grow.

About Coalfire
Coalfire is a leading, independent information technology Governance, Risk and Compliance (IT GRC) firm that provides IT audit, risk assessment and compliance management solutions. Founded in 2001, Coalfire has offices in Dallas, Denver, Los Angeles, New York, San Francisco, Seattle and Washington D.C. and completes thousands of projects annually in retail, financial services, healthcare, government and utilities. Coalfire's solutions are adapted to requirements under emerging data privacy legislation, the PCI DSS, GLBA, FFIEC, HIPAA/HITECH, HITRUST, NERC CIP, Sarbanes-Oxley, FISMA and FedRAMP. For more information, visit www.coalfire.com.

LATISYS CONTACT:
Carter B. Cromley
Email Contact
(703) 861-7245

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
WebRTC has had a real tough three or four years, and so have those working with it. Only a few short years ago, the development world were excited about WebRTC and proclaiming how awesome it was. You might have played with the technology a couple of years ago, only to find the extra infrastructure requirements were painful to implement and poorly documented. This probably left a bitter taste in your mouth, especially when things went wrong.
Skeuomorphism usually means retaining existing design cues in something new that doesn’t actually need them. However, the concept of skeuomorphism can be thought of as relating more broadly to applying existing patterns to new technologies that, in fact, cry out for new approaches. In his session at DevOps Summit, Gordon Haff, Senior Cloud Strategy Marketing and Evangelism Manager at Red Hat, discussed why containers should be paired with new architectural practices such as microservices rathe...
SYS-CON Events announced today that G2G3 will exhibit at SYS-CON's @DevOpsSummit Silicon Valley, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Based on a collective appreciation for user experience, design, and technology, G2G3 is uniquely qualified and motivated to redefine how organizations and people engage in an increasingly digital world.
Any Ops team trying to support a company in today’s cloud-connected world knows that a new way of thinking is required – one just as dramatic than the shift from Ops to DevOps. The diversity of modern operations requires teams to focus their impact on breadth vs. depth. In his session at DevOps Summit, Adam Serediuk, Director of Operations at xMatters, Inc., will discuss the strategic requirements of evolving from Ops to DevOps, and why modern Operations has begun leveraging the “NoOps” approa...
Too often with compelling new technologies market participants become overly enamored with that attractiveness of the technology and neglect underlying business drivers. This tendency, what some call the “newest shiny object syndrome,” is understandable given that virtually all of us are heavily engaged in technology. But it is also mistaken. Without concrete business cases driving its deployment, IoT, like many other technologies before it, will fade into obscurity.
Organizations from small to large are increasingly adopting cloud solutions to deliver essential business services at a much lower cost. According to cyber security experts, the frequency and severity of cyber-attacks are on the rise, causing alarm to businesses and customers across a variety of industries. To defend against exploits like these, a company must adopt a comprehensive security defense strategy that is designed for their business. In 2015, organizations such as United Airlines, Sony...
The Internet of Things is in the early stages of mainstream deployment but it promises to unlock value and rapidly transform how organizations manage, operationalize, and monetize their assets. IoT is a complex structure of hardware, sensors, applications, analytics and devices that need to be able to communicate geographically and across all functions. Once the data is collected from numerous endpoints, the challenge then becomes converting it into actionable insight.
Puppet Labs has announced the next major update to its flagship product: Puppet Enterprise 2015.2. This release includes new features providing DevOps teams with clarity, simplicity and additional management capabilities, including an all-new user interface, an interactive graph for visualizing infrastructure code, a new unified agent and broader infrastructure support.
Consumer IoT applications provide data about the user that just doesn’t exist in traditional PC or mobile web applications. This rich data, or “context,” enables the highly personalized consumer experiences that characterize many consumer IoT apps. This same data is also providing brands with unprecedented insight into how their connected products are being used, while, at the same time, powering highly targeted engagement and marketing opportunities. In his session at @ThingsExpo, Nathan Trel...
Amazon and Google have built software-defined data centers (SDDCs) that deliver massively scalable services with great efficiency. Yet, building SDDCs has proven to be a near impossibility for ‘normal’ companies without hyper-scale resources. In his session at 17th Cloud Expo, David Cauthron, founder and chief executive officer of Nimboxx, will discuss the evolution of virtualization (hardware, application, memory, storage) and how commodity / open source hyper converged infrastructure (HCI) so...
In their Live Hack” presentation at 17th Cloud Expo, Stephen Coty and Paul Fletcher, Chief Security Evangelists at Alert Logic, will provide the audience with a chance to see a live demonstration of the common tools cyber attackers use to attack cloud and traditional IT systems. This “Live Hack” uses open source attack tools that are free and available for download by anybody. Attendees will learn where to find and how to operate these tools for the purpose of testing their own IT infrastructu...
The web app is agile. The REST API is agile. The testing and planning are agile. But alas, data infrastructures certainly are not. Once an application matures, changing the shape or indexing scheme of data often forces at best a top down planning exercise and at worst includes schema changes that force downtime. The time has come for a new approach that fundamentally advances the agility of distributed data infrastructures. Come learn about a new solution to the problems faced by software organ...
With the Apple Watch making its way onto wrists all over the world, it’s only a matter of time before it becomes a staple in the workplace. In fact, Forrester reported that 68 percent of technology and business decision-makers characterize wearables as a top priority for 2015. Recognizing their business value early on, FinancialForce.com was the first to bring ERP to wearables, helping streamline communication across front and back office functions. In his session at @ThingsExpo, Kevin Roberts...
IBM’s Blue Box Cloud, powered by OpenStack, is now available in any of IBM’s globally integrated cloud data centers running SoftLayer infrastructure. Less than 90 days after its acquisition of Blue Box, IBM has integrated its Blue Box Cloud Dedicated private-cloud-as-a-service into its broader portfolio of OpenStack® based solutions. The announcement, made today at the OpenStack Silicon Valley event, further highlights IBM’s continued support to deliver OpenStack solutions across all cloud depl...
Red Hat is investing in Tesora, the number one contributor to OpenStack Trove Database as a Service (DBaaS) also ranked among the top 20 companies contributing to OpenStack overall. Tesora, the company bringing OpenStack Trove Database as a Service (DBaaS) to the enterprise, has announced that Red Hat and others have invested in the company as a part of Tesora's latest funding round. The funding agreement expands on the ongoing collaboration between Tesora and Red Hat, which dates back to Febr...