PCI Compliance

As part of the ongoing compliance efforts, Azion is always improving the internal security controls it applies to customers’ data, applications, and sites running on the Azion Edge Computing Platform. This is why Azion annually renews its PCI-DSS certification as a PCI DSS 4.0 Level 1 service provider for the newest version released, demonstrating the commitment to ensure that the transmission and processing of cardholder data are secure for both customers and those who interact with Azion’s services.

PCI DSS (Payment Card Industry Data Security Standard) is a certification issued by the PCI Security Standards Council that defines the international security requirements necessary for companies in the payment card sector and their service providers to operate reliably, adequately protecting both their technology systems and their customers’ data and operations.

Created and governed by major credit card companies worldwide, PCI-DSS is required for any business that handles credit card transactions.

So whether you have an online store or are otherwise adopting PCI standards as best practice, you must undergo a thorough annual process responding to 12 requirements, encompassing 250+ individual controls, that check how the company handles security, privacy, and availability in its systems. Businesses that process a high level of transactions must meet a higher level of PCI compliance, requiring more frequent network scans and external audits.

Although PCI certification is required for e-commerce, all digital businesses can benefit from using a PCI-certified provider. By providing a higher standard of security, PCI compliance reduces the likelihood of data breaches, elevates user trust, and enables industry-specific use cases, such as securing patient data for healthcare companies or enabling online tuition payments for educational groups.

What this means for Azion customers

Section titled What this means for Azion customers

As a PCI-DSS 4.0 Level 1 Service Provider, Azion keeps your valuable data secure across all edge locations, without compromising your site’s performance.

As a result, you can:

  • Simplify PCI audits.
  • Maintain the highest level of compliance.
  • Enhance user confidence.
  • Process payment credentials or other sensitive data.
  • Keep your checkout process fast and performant.
  • What compliance is Azion achieving?

Azion has been attested as a PCI DSS 4.0 Level 1 Service Provider.

  • Who performs the independent audit of Azion for its PCI compliance?

Azion contracted a Qualified Security Assessor (QSA). Customers with Enterprise or Mission Critical Service Plans can reach out to their Account Executive to request more information.

  • Which regions and products are covered?

Azion’s PCI compliance extends across the entire Azion Edge Computing Platform, which includes the Edge Application product and its add-ons (Application Accelerator, Edge Cache, Edge Functions, and Load Balancer) and the Edge Firewall product and its add-ons (DDoS Protection Unmetered, Network Layer Protection, Web Application Firewall - WAF, and Origin Shield), covering all regions where it’s deployed. Presently, Azion is deployed in six continents.

  • How long is Azion’s Attestation of Compliance (AOC) valid for?

Azion anually renews its PCI-DSS certification for the newest version released. Customers with Enterprise or Mission Critical Service Plans can reach out to their Account Executive to request more details.

  • How can I get a copy of Azion’s Attestation of Compliance (AOC)?

Customers with Enterprise or Mission Critical Service Plans can reach out to their Account Executive to request an AOC. An NDA is required.