Dedicated Server in Germany With PCI DSS compliance

Hello to everyone,
Kindly suggest an EU-based company that gives Dedicated Servers in Germany with PCI DSS compliance.

Comments

  • Do you want the provider to be PCI DSS Compliant?

    Do you want the server you rent to be compliant? If it is this one, that is on you, not the provider.

    Thanked by 2: MinTALi, ITLabs
  • ITLabs Member
    edited August 2019

    As stated by @AuroraZ, it's your responsibility to implement PCI DSS in your rented hardware (and software) environment.

    There are some providers that offer consulting services and certified DCs, e.g., liquidweb and rackspace.

    Edit: OVH claims that its German DC is gonna be PCI DSS certified.

    Edit 2: See also Nimblu and Servinga.

    Thanked by 1: MinTALi
  • jsg Member, Resident Benchmarker
    edited August 2019

    I don't understand why people are impressed or even afraid of PCI DSS. It is not a very demanding standard but basically boils down to "don't be an utterly ignorant and careless idiot!". Besides, one could argue about the real purpose of PCI DSS. My personal understanding is that it serves basically 2 purposes:

    • Run your business with at least some basic prudence and care!
    • Responsibility is kicked downhill and Visa and the like are never liable.

    Practically speaking the first question to ask is what level you are. Probably level 4 which basically translates to "take care of your systems (e.g. proper updating), use reasonable software and encryption, and properly protect customer data!".

    Even more practically speaking, most of the PCI DSS requirements are considerably less stringent than the European laws.

    I can offer yet another and probably interesting view: PCI DSS is basically a deal with 2 factors, (a) your duties vs. (b) "their" liability ("their" meaning the higher levels with 1 being the highest and 4 the lowest). Most at the "lower end" (businesses dealing with customers) don't want a lot of burden and they pay for that by being the party where liability is virtually guaranteed to land. To avoid liability - and that's what PCI DSS is really about IMO - one has to climb up the ladder which means to make a lot more (quite costly) efforts - and the top 2 levels aren't reachable anyway for mere mortal businesses.

    My advice: If you need to ask you'll be at the low end anyway. So here are two tips: use compliant software (some e-shop systems, for example, are compliant), and use compliant managed hosting. Why (the latter)? Because (a) they usually know their business, and (b) that makes them the liability end point (unless you f_ck up really stupid and hard).

    Thanked by 2: ITLabs, MinTALi