In October, Nuremberg-based IT service provider noris network AG was certified as a housing provider in accordance with PCI DSS v4.0 by usd AG. The latest version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) was published in March of this year and must be implemented in large parts by companies requiring certification from April 1, 2024. Some requirements will not become mandatory until 2025. On a voluntary basis, certification to PCI DSS v4.0 can take place even before then.
The PCI DSS places strict physical and organizational requirements on the security of credit card data in data centers. Compliance with these requirements was audited by usd AG assessors at noris network and compliance was confirmed. This means that customers can rely on the secure handling of their credit card data and use noris network's housing services with confidence. In addition, the effort required for their own proof of PCI DSS compliance is considerably reduced by noris network's certification.
Raphael Heinlein, Managing Consultant Security Audits & PCI at usd AG, oversaw the security assessment at noris network as Lead Auditor: "We have been working together with noris network in a cooperative and constructive manner for years. In our most recent certification project according to PCI DSS v4.0, the cooperation ran smoothly as usual. The state-of-the-art data centers of noris network fully comply with all - old and new - PCI DSS requirements. We would like to thank all parties involved for the trustful cooperation."
Markus Laube, Team Lead Governance, Risk & Compliance , noris network AG, emphasizes the high importance of data security at noris network: "The integrity, security and availability of their data is essential for our customers. With our certification according to the latest version of PCI DSS, even before it is mandatory to implement, we show that a strong security level in our data centers is just as important to us. To our demanding customers in the credit card processing environment, we can also prove, assessed and confirmed by usd AG, that we fully comply with the requirements of PCI DSS."
David Ziegler, Physical Security Manager, noris network AG, is satisfied with the joint certification project: "This year again, with the active support of usd AG, we were able to work out the special challenges of certification according to PCI DSS and implement all known as well as newly added security requirements as efficiently as possible. In this way, we protect our customers' data in our data centers in the best possible way against misuse and theft."