Click here to close now.

Welcome!

News Feed Item

Latisys Announces PCI Compliance and HIPAA Risk Assessment for Cloud-Enabled Systems Infrastructure

Cloud Hosting Provider Continues Expansion of Portfolio in Response to Enterprise Demand for Compliant IT Infrastructure Services

ASHBURN, VA -- (Marketwired) -- 08/19/14 -- Responding to continued demand for outsourced IT services designed, tested and audited to meet the controls requirements of key government and regulatory standards, Latisys today announced that for the second year in a row it has achieved compliance with regulatory standards for delivering the highest levels of security and reliability as deemed by third party independent auditors.

Latisys is a leading provider of hybrid cloud hosting solutions delivered from its Cloud-Enabled Systems Infrastructure (CESI) and international platform of eight data centers. The annual reports distinguish Latisys' platform as being in alignment with key compliance and risk assessment requirements including:

  • The Payment Card Industry (PCI) Data Security Standard (DSS) 2.0
  • The Health Insurance Portability and Accountability Act (HIPAA) report for physical controls
  • The Gramm-Leach-Bliley Act (GLBA)--otherwise known as the Financial Services Modernization Act of 1999

The Payment Card Industry (PCI) Data Security Standard (DSS) is a set of security standards that are designed to ensure the security of credit and debit card transactions and protect cardholders against identity theft. PCI DSS consists of twelve broad security requirements and over 260 specific controls. Coalfire Systems is a leading Qualified Security Assessor (QSA) firm and is certified to perform PCI DSS compliance audits under the credentials issued to the firm by the PCI Security Standard Council. In keeping with the standard and the firm's credentials, Coalfire issued Latisys an Attestation of Compliance (AoC) with the PCI DSS.

Coalfire's assessment examined technical, physical and administrative controls associated with Latisys' ability to provide colocation and hosting that meets requirements established by PCI and other regulations cited above. Completion of the assessments provides Latisys with a formal third-party evaluation of its national platform and IT services for compliant hosting. Coalfire audited Latisys' policies and procedures for sections 8 (assigning unique user IDs) 9 (physical controls) & 12 (information security policies) of the PCI DSS.

Latisys continues to expand compliance related to its corporate network. The 2014 assessment covers the delivery of managed firewalls, which have now been audited for all PCI controls. Latisys threat management suite includes key features such as intrusion detection and prevention, password vaults, two factor authentication, security information and event management, penetration testing, and vulnerability scanning.

At Latisys' discretion, the results of the Coalfire assessment may be obtained by prospective customers and their auditors with an executed non-disclosure agreement. Latisys also offers a variety of managed services to assist in other areas of the standard or to provide comprehensive assistance designing and managing security practices such as firewall, VPN and intrusion detection.

"Latisys continues to expand its compliance portfolio in-line with what most enterprises and online businesses require to maintain compliance with multiple security standards, including the PCI DSS, HIPAA and GLBA," said Dirk Anderson, a Managing Director at Coalfire. "By deploying Latisys IT infrastructure solutions, enterprise customers benefit from validated controls that make compliance management far more effective."

In addition, Latisys' platform is operated under SSAE 16 (SOC 2 Type 2 and SOC 3) audited controls, which reaffirm Latisys' commitment to meeting the highest standards for availability and security, while making sure all of the appropriate controls and safeguards are firmly in place. Latisys' SSAE16 is validated across all Latisys facilities and covers both security and availability principles in detail. The SOC audits were performed last year by Ehrhardt Keefe Steiner & Hottman, P.C. (EKS&H), one of the largest CPA firms headquartered in the Rocky Mountain Region.

"Latisys has been and remains very focused on supporting customers who have a requirement to demonstrate compliance with regulatory and IT Governance requirements," said Pete Stevenson, CEO of Latisys. "Earning the Attestation of Compliance is a critical benchmark as we continue building our compliance portfolio to support enterprise customer needs."

With high-density data centers located in every U.S. time zone, Latisys' national reach enables multi-site redundancy, managed backup and secure disaster recovery including cloud-based DR solutions. Latisys' Tier III facilities are designed for the business continuity of mission-critical operations -- offering the power densities, cooling, backbone network and managed services with an eye toward reducing capital expenditures for storage and ongoing maintenance.

Latisys leads the IaaS industry in customer satisfaction with a Net Promoter score of 46, and recently received its first ever inclusion in the 2014 Gartner Magic Quadrant for Cloud-Enabled Managed Hosting, which can be accessed here.

About Latisys
Latisys is a leading provider of hybrid cloud hosting and data center solutions to medium-sized businesses, enterprise customers and government agencies. With a heritage serving business customers since 1994, and multiple high-density data centers across the United States -- and now in the United Kingdom -- Latisys offers a scalable outsourced IT infrastructure platform that provides customers with what they need, when they need it. As a client-centric company -- with state of the art data centers in Ashburn, Virginia, Chicago, Denver, Irvine, California and London -- Latisys is quickly becoming the IaaS platform of choice for companies that seek a truly flexible IT infrastructure partner. Call 1-866-956-9594, visit www.latisys.com or follow us on Twitter at https://twitter.com/Latisys for additional information. All Systems Grow.

About Coalfire
Coalfire is a leading, independent information technology Governance, Risk and Compliance (IT GRC) firm that provides IT audit, risk assessment and compliance management solutions. Founded in 2001, Coalfire has offices in Dallas, Denver, Los Angeles, New York, San Francisco, Seattle and Washington D.C. and completes thousands of projects annually in retail, financial services, healthcare, government and utilities. Coalfire's solutions are adapted to requirements under emerging data privacy legislation, the PCI DSS, GLBA, FFIEC, HIPAA/HITECH, HITRUST, NERC CIP, Sarbanes-Oxley, FISMA and FedRAMP. For more information, visit www.coalfire.com.

LATISYS CONTACT:
Carter B. Cromley
Email Contact
(703) 861-7245

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
SYS-CON Events announced today that Secure Infrastructure & Services will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Secure Infrastructure & Services (SIAS) is a managed services provider of cloud computing solutions for the IBM Power Systems market. The company helps mid-market firms built on IBM hardware platforms to deploy new levels of reliable and cost-effective computing and hig...
The enterprise market will drive IoT device adoption over the next five years. In his session at @ThingsExpo, John Greenough, an analyst at BI Intelligence, division of Business Insider, analyzed how companies will adopt IoT products and the associated cost of adopting those products. John Greenough is the lead analyst covering the Internet of Things for BI Intelligence- Business Insider’s paid research service. Numerous IoT companies have cited his analysis of the IoT. Prior to joining BI In...
DevOps Summit, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development...
Live Webinar with 451 Research Analyst Peter Christy. Join us on Wednesday July 22, 2015, at 10 am PT / 1 pm ET In a world where users are on the Internet and the applications are in the cloud, how do you maintain your historic SLA with your users? Peter Christy, Research Director, Networks at 451 Research, will discuss this new network paradigm, one in which there is no LAN and no WAN, and discuss what users and network administrators gain and give up when migrating to the agile world of clo...
DevOps is about increasing efficiency, but nothing is more inefficient than building the same application twice. However, this is a routine occurrence with enterprise applications that need both a rich desktop web interface and strong mobile support. With recent technological advances from Isomorphic Software and others, it is now feasible to create a rich desktop and tuned mobile experience with a single codebase, without compromising performance or usability.
Containers are revolutionizing the way we deploy and maintain our infrastructures, but monitoring and troubleshooting in a containerized environment can still be painful and impractical. Understanding even basic resource usage is difficult – let alone tracking network connections or malicious activity. In his session at DevOps Summit, Gianluca Borello, Sr. Software Engineer at Sysdig, will cover the current state of the art for container monitoring and visibility, including pros / cons and liv...
SYS-CON Media announced today that CloudBees, the Jenkins Enterprise company, has launched ad campaigns on SYS-CON's DevOps Journal. CloudBees' campaigns focus on the business value of Continuous Delivery and how it has been recognized as a game changer for IT and is now a top priority for organizations, and the best ways to optimize Jenkins to ensure your continuous integration environment is optimally configured.
The 4th International Internet of @ThingsExpo, co-located with the 17th International Cloud Expo - to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA - announces that its Call for Papers is open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than
SYS-CON Events announced today that ProfitBricks, the provider of painless cloud infrastructure, will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. ProfitBricks is the IaaS provider that offers a painless cloud experience for all IT users, with no learning curve. ProfitBricks boasts flexible cloud servers and networking, an integrated Data Center Designer tool for visual control over the...
"In the IoT space we are helping customers, mostly enterprises and industry verticals where time-to-value is critical, and we help them with the ability to do faster insights and actions using our platform so they can transform their business operations," explained Venkat Eswara, VP of Marketing at Vitria, in this SYS-CON.tv interview at @ThingsExpo, held June 9-11, 2015, at the Javits Center in New York City.
The most often asked question post-DevOps introduction is: “How do I get started?” There’s plenty of information on why DevOps is valid and important, but many managers still struggle with simple basics for how to initiate a DevOps program in their business. They struggle with issues related to current organizational inertia, the lack of experience on Continuous Integration/Delivery, understanding where DevOps will affect revenue and budget, etc. In their session at DevOps Summit, JP Morgenthal...
"We provide a web application framework for building really sophisticated web applications that run on a browser without any installation need so we get used for biotech, defense, and banking applications," noted Charles Kendrick, CTO and Chief Architect at Isomorphic Software, in this SYS-CON.tv interview at @DevOpsSummit (http://DevOpsSummit.SYS-CON.com), held June 9-11, 2015, at the Javits Center in New York
In his session at 16th Cloud Expo, Simone Brunozzi, VP and Chief Technologist of Cloud Services at VMware, reviewed the changes that the cloud computing industry has gone through over the last five years and shared insights into what the next five will bring. He also chronicled the challenges enterprise companies are facing as they move to the public cloud. He delved into the "Hybrid Cloud" space and explained why every CIO should consider ‘hybrid cloud' as part of their future strategy to achie...
"Plutora provides release and testing environment capabilities to the enterprise," explained Dalibor Siroky, Director and Co-founder of Plutora, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
DevOps tends to focus on the relationship between Dev and Ops, putting an emphasis on the ops and application infrastructure. But that’s changing with microservices architectures. In her session at DevOps Summit, Lori MacVittie, Evangelist for F5 Networks, will focus on how microservices are changing the underlying architectures needed to scale, secure and deliver applications based on highly distributed (micro) services and why that means an expansion into “the network” for DevOps.