rackAID Logo
Client Login:
Password:

Resources Resources » rackaid blog »  Company News  »  Security Scanning and PCI Compliance
  rackAID Blog
  Company News
  Industry Insights
  Server Dysfunction
  Version Watch
  rackTIPS
  Book Reviews
  Linux Tutorials
  Useful Manuals
  Helpful Sites
  Software Downloads
Search:

Resources

rackAID Blog: Company News

Security Scanning and PCI Compliance

August 19, 2008 1:50 PM

As I mentioned in our review of our PCI Compliance programs, we were working on a PCI and security scanning service using ControlScan's system. We've completed our partnership and are ready to start delivering PCI compliance assistance to Level 4 merchants. We have two offering a fully managed service and the Scan & Fix service. We've also arranged for our clients to enjoy a free security scan with ControlScan.

Managed PCI Compliance
In conjunction with ControlScan, rackAID is launching a managed PCI compliance service. The service is available as an add-on to our server management subscriptions. Under the service, the only thing you need to worry about is completing your self assessment questionnaire and your web applications. rackAID will handle all server level items.

The key benefits of managed PCI compliance is that you know your server is routinely checked and secured by professional staff. You can pass those quarterly audits with ease and not have to scramble for last minute compliance. You can focus on your business rather than worrying if a TRACE-TRACK exploit on your server is a serious issue.

The service is priced per domain based on the scanning frequency you require. Rates start at just $75.00/month.


Scan & Fix
In addition to our managed solution, we also offer a Scan and Fix service. We will scan your system and then do the fixes at our standard hourly rates for advanced services (currently $112.50/hr). In most cases, we can resolve the scan related items in 2-3 hours.

If you do not already have PCI scanning service, then we highly recommend ControlScan. In our review of approved scanning vendors, we found ControlScan to be one of the best. Their easy to use interface and consistent results mean that we can often work through a scan with them more quickly than with other providers. So even if ControlScan's fees may be more than other providers (though they are very competitive), you need to consider the total cost of having the scan and fixing the items.

Better Security
Even if you do not need PCI compliance, the ControlScan is an good security tool. They use a number of scanning techniques to find exploits on your server. They combine tools like Nikto, Nessus and others into a single, easy-to-use scanning product.

Regular scanning helps secure your system by finding potential vulnerabilities before the attackers. Combined with the patch management we provide in our server management packages, this is a excellent, cost-effective solution for server security. No it is not hacker-proof, but the combination of service monitoring, patch management and security scanning provides a very robust management package that will keep your system operating securely.


Free Scan Through our partnership with ControlScan, rackAID client's can enjoy a free security scan. Note that we can only provide the scan for free, should you need security items fixed, we can discuss if the Scan & Fix or managed solution is best for you. If we do need to fix items, you will need to convert your trial into a full version so we can produce the proper reports.

If you have any questions, just post them as a comment on our blog or ask us in the help desk.

Posted by Jeff Huckaby on August 19, 2008 1:50 PM |

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

To reduce spam, we use a Captcha system. Please enter the letters in the image into the box to post your comments.


Type the characters you see in the picture above.

Add to Technorati Favorites
©2000-2007 rackAID LLC