As the world’s largest cloud-native company, it is essential to Cloudreach’s operations that they create an environment of total reliability where security is a priority.
From intelligent cloud adoption to taking advantage of serverless machine learning, Cloudreach helps organizations define, improve and optimize their agility, efficiency and operations. By taking a security-focused and security-first approach, and to ensure support of their customer security needs, Cloudreach achieved certification for ISO 27001, SOC 2 and Cyber Essentials.
The Challenge
To further their commitment to their customers and security, Cloudreach sought out to achieve PCI DSS compliance in the summer of 2018. With a timeline of only a few months, it was imperative to quickly assess the PCI requirements versus their current baseline and partner with a company who could walk them through PCI compliance for the first time.
By partnering with A-LIGN, Cloudreach had a partner who could answer any questions and help them along their journey. Cloudreach was in a unique position – they identify as a service provider but do not currently store or process customer cardholder data. This was an important aspect to distinguish as this affects what the scope of Cloudreach’s environment is and what will be tested against. A-LIGN recommended that Cloudreach narrow their environment scope, helping to carve out unnecessary complexity and direct their focus on areas to improve.
The Solution
Achieving PCI DSS compliance can be a massive feat for any company and, thanks to the guidance, clarity and direction provided by the team at A-LIGN, Cloudreach was proud to announce in January 2019 that it earned PCI DSS Level 1 compliance for its Cloud Operations services.
Why PCI DSS Matters
Security remains high on the agenda for many IT decision makers. A survey carried out by Gartner in 2018 investigated information security buyer purchasing preferences. It found 51% of respondents identified risk as their primary purchasing motivator, with 31% linking business-related concerns like complying with compliance mandates and improving risk management. With clear demand in the market to address these concerns, Cloudreach once again seeks out to strengthen its commitment to investing in security, risk management and demonstrating compliance. As a service provider and trusted partner to its customers, PCI DSS provides peace of mind that Cloudreach’s processes and networks are on par with the highest industry standards.
Are You Ready to Earn PCI-DSS Compliance?
Obtaining a PCI DSS report demonstrates your organization’s commitment to payment card data security and the level of validation you have achieved. As a PCI DSS Qualified Security Accessor Company (QSAC), A-LIGN provides PCI DSS services to help meet your organization’s compliance needs. Ready to undergo a PCI DSS assessment? Join the hundreds of organizations like Cloudreach who have achieved compliance with A-LIGN.
Next steps
To learn more about how A-LIGN can help your organization through a variety of cybersecurity compliance assessments and audits, please visit www.a-lign.com/services or complete this form and an A-LIGN expert will reach out to you within 24 hours.
About Cloudreach
Cloudreach, an Atos company, is the world’s leading multi-cloud services provider. Our mission is to deliver the promise of cloud and drive extraordinary value for our customers. Cloudreach helps enterprises win competitive advantage through successful cloud transformation. We’re the go-to strategic partner for Amazon Web Services, Google Cloud and Microsoft Azure. With more than 10 years of cloud native experience, we’ve built an unmatched depth and breadth of expertise in cloud technologies and their application to business. For more information about our work, visit www.cloudreach.com