2014-02-06 12:38:06 - Quorum gets PCI (Payment Card Industry) compliance certification for its DRaaS (Disaster Recovery as a Service) solution. This makes Quorum the first DRaas solution in the industry to attain PCI compliance.
Quorum®, the leading provider of one-click backup, recovery and continuity for the midmarket, today announced its DRaaS solution has been certified PCI compliant. As the first vendor in the industry to offer cloud recovery that meets the payment card industry's (PCI) security specifications, Quorum ensures credit card data obtained by retail establishments (and any other organization that handles credit card information) is kept secure throughout the backup and recovery process.
“Retailers of all sizes are becoming increasingly more PCI-aware in an effort to protect their customers’ credit card information,” said Matt Getzelman, director, PCI Practice, Coalfire, Inc. “Implementing disaster recovery technology that is PCI-compliant is a critical step retailers can take to protect their customers and their own reputations.”
For DR vendors
offering backup services only, PCI compliance is easy to claim: All data sent to them for backup has been encrypted before they receive it, and is therefore already secure. But vendors offering cloud recovery have a greater challenge. They must be able to decrypt data in order to run applications for recovery, but the act of decryption leaves data — such as credit card information — unsecure. The Quorum DRaaS solution overcomes this challenge to offer secure backup and instant data recovery, and because of this, it is now the only solution in the industry to be certified PCI compliant. Quorum's standard for security even goes a step beyond with a new feature that protects data at rest. Now, data stored at the DR on a disk is encrypted as well, further thwarting theft and fraud.
Quorum has also joined the National Retail Federation's Association for Retail Technology Standards (ARTS) organization, which is dedicated to reducing the costs of technology through standards. In joining ARTS, Quorum seizes an opportunity to influence best practices and technology standards as they relate to disaster recovery. Through its membership, Quorum will also be able to educate, helping retail organizations navigate the security issues they will increasingly face in disaster recovery as a result of cloud and other IT-related issues.
"Security is of paramount importance to retail establishments and any organization that processes credit card transactions, and Quorum understands this like no other DR vendor," said Walter Angerer, interim CEO, Quorum. "PCI compliance, the addition of the encryption-at-rest feature and the company's membership to ARTS are examples of Quorum's commitment to delivering a business-class DR system to the mid-market that addresses pervasive industry challenges and meets the highest security standards."