SYS-CON MEDIA Authors: Pat Romanski, Elizabeth White, Yeshim Deniz, Nikita Ivanov, Sean Houghton

News Feed Item

Latisys Announces PCI Compliance and HIPAA Risk Assessment for Cloud-Enabled Systems Infrastructure

Cloud Hosting Provider Continues Expansion of Portfolio in Response to Enterprise Demand for Compliant IT Infrastructure Services

ASHBURN, VA -- (Marketwired) -- 08/19/14 -- Responding to continued demand for outsourced IT services designed, tested and audited to meet the controls requirements of key government and regulatory standards, Latisys today announced that for the second year in a row it has achieved compliance with regulatory standards for delivering the highest levels of security and reliability as deemed by third party independent auditors.

Latisys is a leading provider of hybrid cloud hosting solutions delivered from its Cloud-Enabled Systems Infrastructure (CESI) and international platform of eight data centers. The annual reports distinguish Latisys' platform as being in alignment with key compliance and risk assessment requirements including:

  • The Payment Card Industry (PCI) Data Security Standard (DSS) 2.0
  • The Health Insurance Portability and Accountability Act (HIPAA) report for physical controls
  • The Gramm-Leach-Bliley Act (GLBA)--otherwise known as the Financial Services Modernization Act of 1999

The Payment Card Industry (PCI) Data Security Standard (DSS) is a set of security standards that are designed to ensure the security of credit and debit card transactions and protect cardholders against identity theft. PCI DSS consists of twelve broad security requirements and over 260 specific controls. Coalfire Systems is a leading Qualified Security Assessor (QSA) firm and is certified to perform PCI DSS compliance audits under the credentials issued to the firm by the PCI Security Standard Council. In keeping with the standard and the firm's credentials, Coalfire issued Latisys an Attestation of Compliance (AoC) with the PCI DSS.

Coalfire's assessment examined technical, physical and administrative controls associated with Latisys' ability to provide colocation and hosting that meets requirements established by PCI and other regulations cited above. Completion of the assessments provides Latisys with a formal third-party evaluation of its national platform and IT services for compliant hosting. Coalfire audited Latisys' policies and procedures for sections 8 (assigning unique user IDs) 9 (physical controls) & 12 (information security policies) of the PCI DSS.

Latisys continues to expand compliance related to its corporate network. The 2014 assessment covers the delivery of managed firewalls, which have now been audited for all PCI controls. Latisys threat management suite includes key features such as intrusion detection and prevention, password vaults, two factor authentication, security information and event management, penetration testing, and vulnerability scanning.

At Latisys' discretion, the results of the Coalfire assessment may be obtained by prospective customers and their auditors with an executed non-disclosure agreement. Latisys also offers a variety of managed services to assist in other areas of the standard or to provide comprehensive assistance designing and managing security practices such as firewall, VPN and intrusion detection.

"Latisys continues to expand its compliance portfolio in-line with what most enterprises and online businesses require to maintain compliance with multiple security standards, including the PCI DSS, HIPAA and GLBA," said Dirk Anderson, a Managing Director at Coalfire. "By deploying Latisys IT infrastructure solutions, enterprise customers benefit from validated controls that make compliance management far more effective."

In addition, Latisys' platform is operated under SSAE 16 (SOC 2 Type 2 and SOC 3) audited controls, which reaffirm Latisys' commitment to meeting the highest standards for availability and security, while making sure all of the appropriate controls and safeguards are firmly in place. Latisys' SSAE16 is validated across all Latisys facilities and covers both security and availability principles in detail. The SOC audits were performed last year by Ehrhardt Keefe Steiner & Hottman, P.C. (EKS&H), one of the largest CPA firms headquartered in the Rocky Mountain Region.

"Latisys has been and remains very focused on supporting customers who have a requirement to demonstrate compliance with regulatory and IT Governance requirements," said Pete Stevenson, CEO of Latisys. "Earning the Attestation of Compliance is a critical benchmark as we continue building our compliance portfolio to support enterprise customer needs."

With high-density data centers located in every U.S. time zone, Latisys' national reach enables multi-site redundancy, managed backup and secure disaster recovery including cloud-based DR solutions. Latisys' Tier III facilities are designed for the business continuity of mission-critical operations -- offering the power densities, cooling, backbone network and managed services with an eye toward reducing capital expenditures for storage and ongoing maintenance.

Latisys leads the IaaS industry in customer satisfaction with a Net Promoter score of 46, and recently received its first ever inclusion in the 2014 Gartner Magic Quadrant for Cloud-Enabled Managed Hosting, which can be accessed here.

About Latisys
Latisys is a leading provider of hybrid cloud hosting and data center solutions to medium-sized businesses, enterprise customers and government agencies. With a heritage serving business customers since 1994, and multiple high-density data centers across the United States -- and now in the United Kingdom -- Latisys offers a scalable outsourced IT infrastructure platform that provides customers with what they need, when they need it. As a client-centric company -- with state of the art data centers in Ashburn, Virginia, Chicago, Denver, Irvine, California and London -- Latisys is quickly becoming the IaaS platform of choice for companies that seek a truly flexible IT infrastructure partner. Call 1-866-956-9594, visit www.latisys.com or follow us on Twitter at https://twitter.com/Latisys for additional information. All Systems Grow.

About Coalfire
Coalfire is a leading, independent information technology Governance, Risk and Compliance (IT GRC) firm that provides IT audit, risk assessment and compliance management solutions. Founded in 2001, Coalfire has offices in Dallas, Denver, Los Angeles, New York, San Francisco, Seattle and Washington D.C. and completes thousands of projects annually in retail, financial services, healthcare, government and utilities. Coalfire's solutions are adapted to requirements under emerging data privacy legislation, the PCI DSS, GLBA, FFIEC, HIPAA/HITECH, HITRUST, NERC CIP, Sarbanes-Oxley, FISMA and FedRAMP. For more information, visit www.coalfire.com.

LATISYS CONTACT:
Carter B. Cromley
Email Contact
(703) 861-7245

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
The Internet of Things will put IT to its ultimate test by creating infinite new opportunities to digitize products and services, generate and analyze new data to improve customer satisfaction, and discover new ways to gain a competitive advantage across nearly every industry. In order to help corporate business units to capitalize on the rapidly evolving IoT opportunities, IT must stand up to a new set of challenges. In his session at @ThingsExpo, Jeff Kaplan, Managing Director of THINKstrateg...
SYS-CON Events announced today Isomorphic Software, the global leader in high-end, web-based business applications, will exhibit at SYS-CON's DevOps Summit 2015 New York, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Isomorphic Software is the global leader in high-end, web-based business applications. We develop, market, and support the SmartClient & Smart GWT HTML5/Ajax platform, combining the productivity and performance of traditional desktop software ...
The Internet of Things is tied together with a thin strand that is known as time. Coincidentally, at the core of nearly all data analytics is a timestamp. When working with time series data there are a few core principles that everyone should consider, especially across datasets where time is the common boundary. In his session at Internet of @ThingsExpo, Jim Scott, Director of Enterprise Strategy & Architecture at MapR Technologies, discussed single-value, geo-spatial, and log time series dat...
DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete...
There's Big Data, then there's really Big Data from the Internet of Things. IoT is evolving to include many data possibilities like new types of event, log and network data. The volumes are enormous, generating tens of billions of logs per day, which raise data challenges. Early IoT deployments are relying heavily on both the cloud and managed service providers to navigate these challenges. In her session at Big Data Expo®, Hannah Smalltree, Director at Treasure Data, discussed how IoT, Big D...
SYS-CON Events announced today that Gridstore™, the leader in hyper-converged infrastructure purpose-built to optimize Microsoft workloads, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Gridstore™ is the leader in hyper-converged infrastructure purpose-built for Microsoft workloads and designed to accelerate applications in virtualized environments. Gridstore’s hyper-converged infrastructure is the ...
The 4th International DevOps Summit, co-located with16th International Cloud Expo – being held June 9-11, 2015, at the Javits Center in New York City, NY – announces that its Call for Papers is now open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's large...
The Internet of Things promises to transform businesses (and lives), but navigating the business and technical path to success can be difficult to understand. In his session at @ThingsExpo, Sean Lorenz, Technical Product Manager for Xively at LogMeIn, demonstrated how to approach creating broadly successful connected customer solutions using real world business transformation studies including New England BioLabs and more.
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.
DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Ar...
Connected devices and the Internet of Things are getting significant momentum in 2014. In his session at Internet of @ThingsExpo, Jim Hunter, Chief Scientist & Technology Evangelist at Greenwave Systems, examined three key elements that together will drive mass adoption of the IoT before the end of 2015. The first element is the recent advent of robust open source protocols (like AllJoyn and WebRTC) that facilitate M2M communication. The second is broad availability of flexible, cost-effective ...
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using ...
"SAP had made a big transition into the cloud as we believe it has significant value for our customers, drives innovation and is easy to consume. When you look at the SAP portfolio, SAP HANA is the underlying platform and it powers all of our platforms and all of our analytics," explained Thorsten Leiduck, VP ISVs & Digital Commerce at SAP, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...