Welcome!

News Feed Item

Latisys Announces PCI Compliance and HIPAA Risk Assessment for Cloud-Enabled Systems Infrastructure

Cloud Hosting Provider Continues Expansion of Portfolio in Response to Enterprise Demand for Compliant IT Infrastructure Services

ASHBURN, VA -- (Marketwired) -- 08/19/14 -- Responding to continued demand for outsourced IT services designed, tested and audited to meet the controls requirements of key government and regulatory standards, Latisys today announced that for the second year in a row it has achieved compliance with regulatory standards for delivering the highest levels of security and reliability as deemed by third party independent auditors.

Latisys is a leading provider of hybrid cloud hosting solutions delivered from its Cloud-Enabled Systems Infrastructure (CESI) and international platform of eight data centers. The annual reports distinguish Latisys' platform as being in alignment with key compliance and risk assessment requirements including:

  • The Payment Card Industry (PCI) Data Security Standard (DSS) 2.0
  • The Health Insurance Portability and Accountability Act (HIPAA) report for physical controls
  • The Gramm-Leach-Bliley Act (GLBA)--otherwise known as the Financial Services Modernization Act of 1999

The Payment Card Industry (PCI) Data Security Standard (DSS) is a set of security standards that are designed to ensure the security of credit and debit card transactions and protect cardholders against identity theft. PCI DSS consists of twelve broad security requirements and over 260 specific controls. Coalfire Systems is a leading Qualified Security Assessor (QSA) firm and is certified to perform PCI DSS compliance audits under the credentials issued to the firm by the PCI Security Standard Council. In keeping with the standard and the firm's credentials, Coalfire issued Latisys an Attestation of Compliance (AoC) with the PCI DSS.

Coalfire's assessment examined technical, physical and administrative controls associated with Latisys' ability to provide colocation and hosting that meets requirements established by PCI and other regulations cited above. Completion of the assessments provides Latisys with a formal third-party evaluation of its national platform and IT services for compliant hosting. Coalfire audited Latisys' policies and procedures for sections 8 (assigning unique user IDs) 9 (physical controls) & 12 (information security policies) of the PCI DSS.

Latisys continues to expand compliance related to its corporate network. The 2014 assessment covers the delivery of managed firewalls, which have now been audited for all PCI controls. Latisys threat management suite includes key features such as intrusion detection and prevention, password vaults, two factor authentication, security information and event management, penetration testing, and vulnerability scanning.

At Latisys' discretion, the results of the Coalfire assessment may be obtained by prospective customers and their auditors with an executed non-disclosure agreement. Latisys also offers a variety of managed services to assist in other areas of the standard or to provide comprehensive assistance designing and managing security practices such as firewall, VPN and intrusion detection.

"Latisys continues to expand its compliance portfolio in-line with what most enterprises and online businesses require to maintain compliance with multiple security standards, including the PCI DSS, HIPAA and GLBA," said Dirk Anderson, a Managing Director at Coalfire. "By deploying Latisys IT infrastructure solutions, enterprise customers benefit from validated controls that make compliance management far more effective."

In addition, Latisys' platform is operated under SSAE 16 (SOC 2 Type 2 and SOC 3) audited controls, which reaffirm Latisys' commitment to meeting the highest standards for availability and security, while making sure all of the appropriate controls and safeguards are firmly in place. Latisys' SSAE16 is validated across all Latisys facilities and covers both security and availability principles in detail. The SOC audits were performed last year by Ehrhardt Keefe Steiner & Hottman, P.C. (EKS&H), one of the largest CPA firms headquartered in the Rocky Mountain Region.

"Latisys has been and remains very focused on supporting customers who have a requirement to demonstrate compliance with regulatory and IT Governance requirements," said Pete Stevenson, CEO of Latisys. "Earning the Attestation of Compliance is a critical benchmark as we continue building our compliance portfolio to support enterprise customer needs."

With high-density data centers located in every U.S. time zone, Latisys' national reach enables multi-site redundancy, managed backup and secure disaster recovery including cloud-based DR solutions. Latisys' Tier III facilities are designed for the business continuity of mission-critical operations -- offering the power densities, cooling, backbone network and managed services with an eye toward reducing capital expenditures for storage and ongoing maintenance.

Latisys leads the IaaS industry in customer satisfaction with a Net Promoter score of 46, and recently received its first ever inclusion in the 2014 Gartner Magic Quadrant for Cloud-Enabled Managed Hosting, which can be accessed here.

About Latisys
Latisys is a leading provider of hybrid cloud hosting and data center solutions to medium-sized businesses, enterprise customers and government agencies. With a heritage serving business customers since 1994, and multiple high-density data centers across the United States -- and now in the United Kingdom -- Latisys offers a scalable outsourced IT infrastructure platform that provides customers with what they need, when they need it. As a client-centric company -- with state of the art data centers in Ashburn, Virginia, Chicago, Denver, Irvine, California and London -- Latisys is quickly becoming the IaaS platform of choice for companies that seek a truly flexible IT infrastructure partner. Call 1-866-956-9594, visit www.latisys.com or follow us on Twitter at https://twitter.com/Latisys for additional information. All Systems Grow.

About Coalfire
Coalfire is a leading, independent information technology Governance, Risk and Compliance (IT GRC) firm that provides IT audit, risk assessment and compliance management solutions. Founded in 2001, Coalfire has offices in Dallas, Denver, Los Angeles, New York, San Francisco, Seattle and Washington D.C. and completes thousands of projects annually in retail, financial services, healthcare, government and utilities. Coalfire's solutions are adapted to requirements under emerging data privacy legislation, the PCI DSS, GLBA, FFIEC, HIPAA/HITECH, HITRUST, NERC CIP, Sarbanes-Oxley, FISMA and FedRAMP. For more information, visit www.coalfire.com.

LATISYS CONTACT:
Carter B. Cromley
Email Contact
(703) 861-7245

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
In most cases, it is convenient to have some human interaction with a web (micro-)service, no matter how small it is. A traditional approach would be to create an HTTP interface, where user requests will be dispatched and HTML/CSS pages must be served. This approach is indeed very traditional for a web site, but not really convenient for a web service, which is not intended to be good looking, 24x7 up and running and UX-optimized. Instead, talking to a web service in a chat-bot mode would be muc...
SYS-CON Events announced today that Men & Mice, the leading global provider of DNS, DHCP and IP address management overlay solutions, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. The Men & Mice Suite overlay solution is already known for its powerful application in heterogeneous operating environments, enabling enterprises to scale without fuss. Building on a solid range of diverse platform support,...
When building large, cloud-based applications that operate at a high scale, it’s important to maintain a high availability and resilience to failures. In order to do that, you must be tolerant of failures, even in light of failures in other areas of your application. “Fly two mistakes high” is an old adage in the radio control airplane hobby. It means, fly high enough so that if you make a mistake, you can continue flying with room to still make mistakes. In his session at 18th Cloud Expo, Lee...
More and more companies are looking to microservices as an architectural pattern for breaking apart applications into more manageable pieces so that agile teams can deliver new features quicker and more effectively. What this pattern has done more than anything to date is spark organizational transformations, setting the foundation for future application development. In practice, however, there are a number of considerations to make that go beyond simply “build, ship, and run,” which changes ho...
WebSocket is effectively a persistent and fat pipe that is compatible with a standard web infrastructure; a "TCP for the Web." If you think of WebSocket in this light, there are other more hugely interesting applications of WebSocket than just simply sending data to a browser. In his session at 18th Cloud Expo, Frank Greco, Director of Technology for Kaazing Corporation, will compare other modern web connectivity methods such as HTTP/2, HTTP Streaming, Server-Sent Events and new W3C event APIs ...
SYS-CON Events announced today that AppNeta, the leader in performance insight for business-critical web applications, will exhibit and present at SYS-CON's @DevOpsSummit at Cloud Expo New York, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. AppNeta is the only application performance monitoring (APM) company to provide solutions for all applications – applications you develop internally, business-critical SaaS applications you use and the networks that deli...
Fortunately, meaningful and tangible business cases for IoT are plentiful in a broad array of industries and vertical markets. These range from simple warranty cost reduction for capital intensive assets, to minimizing downtime for vital business tools, to creating feedback loops improving product design, to improving and enhancing enterprise customer experiences. All of these business cases, which will be briefly explored in this session, hinge on cost effectively extracting relevant data from ...
Companies can harness IoT and predictive analytics to sustain business continuity; predict and manage site performance during emergencies; minimize expensive reactive maintenance; and forecast equipment and maintenance budgets and expenditures. Providing cost-effective, uninterrupted service is challenging, particularly for organizations with geographically dispersed operations.
There will be new vendors providing applications, middleware, and connected devices to support the thriving IoT ecosystem. This essentially means that electronic device manufacturers will also be in the software business. Many will be new to building embedded software or robust software. This creates an increased importance on software quality, particularly within the Industrial Internet of Things where business-critical applications are becoming dependent on products controlled by software. Qua...
SYS-CON Events announced today that iDevices®, the preeminent brand in the connected home industry, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. iDevices, the preeminent brand in the connected home industry, has a growing line of HomeKit-enabled products available at the largest retailers worldwide. Through the “Designed with iDevices” co-development program and its custom-built IoT Cloud Infrastruc...
The cloud competition for database hosts is fierce. How do you evaluate a cloud provider for your database platform? In his session at 18th Cloud Expo, Chris Presley, a Solutions Architect at Pythian, will give users a checklist of considerations when choosing a provider. Chris Presley is a Solutions Architect at Pythian. He loves order – making him a premier Microsoft SQL Server expert. Not only has he programmed and administered SQL Server, but he has also shared his expertise and passion w...
Join us at Cloud Expo | @ThingsExpo 2016 – June 7-9 at the Javits Center in New York City and November 1-3 at the Santa Clara Convention Center in Santa Clara, CA – and deliver your unique message in a way that is striking and unforgettable by taking advantage of SYS-CON's unmatched high-impact, result-driven event / media packages.
As enterprises work to take advantage of Big Data technologies, they frequently become distracted by product-level decisions. In most new Big Data builds this approach is completely counter-productive: it presupposes tools that may not be a fit for development teams, forces IT to take on the burden of evaluating and maintaining unfamiliar technology, and represents a major up-front expense. In his session at @BigDataExpo at @ThingsExpo, Andrew Warfield, CTO and Co-Founder of Coho Data, will dis...
SYS-CON Events announced today that (ISC)²® (“ISC-squared”) will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Two leading non-profits focused on cloud and information security, (ISC)² and Cloud Security Alliance (CSA), developed the Certified Cloud Security Professional (CCSP) certification to address the increased demand for cloud security expertise due to rapid growth in cloud. Recently named “The Next...
The Art of DevOps provides a fun overview to help teams understand DevOps. Written in the style of the famous 6th century Chinese manuscript “The Art of War,” this eBook describes DevOps in the form of a mission to continuously deliver assets to the operational battlegrounds safely, securely, and quickly. It’s a fun read with valuable insights.