Newsroom - 2005
DataPipe Named CISP Compliant Service Provider
Hoboken, NJ — April 22, 2005 – DataPipe, a global provider of managed hosting services announced today that
Ambiron, LLC completed its inspection of DataPipe for conformance with Visa’s Cardholder Information Security Program (CISP).
The company now operates as a service provider for a CISP compliant ecommerce solution.
Visa developed CISP to ensure protection of sensitive cardholder information through all phases including collection,
transmission and storage. The standards mark a significant advance in the war against identity theft and fraud by ensuring
that the merchant or service provider does not leave cardholder data vulnerable to compromise.
As a CISP compliant solution service provider, DataPipe assists its clients in ensuring the full security and compliance of
their ecommerce network. Many small to medium sized business owners are not yet aware that they are responsible for this
compliance, even if they do not store, process or transmit the cardholder data themselves. Any third party service provider
they outsource to must also be compliant.
Merchants must go through the certification process themselves if they want to claim legitimate compliance and avoid being
fined by Visa. Compliance assurances on their end involve issues such as how they handle their hardcopy media and which of
their employees are allowed to access the accounts. While the solution does not allow DataPipe’s clients to claim certification
themselves, it does allow them to say that they outsource certain requirement standards to a CISP compliant provider.
"Attaining our CISP certification allows us to address yet another compliance issue that is important to our clients," says
Robb Allen, CEO of DataPipe. "We continually strive to deliver the most advanced security solutions for our clients. While we
have always operated within a secure service delivery infrastructure, gaining this certification gives our clients even more
confidence in our security capabilities.”
While CISP is defined as an ongoing development, the initial efforts have focused primarily on the ecommerce acceptance
channel. This includes an annual schedule for validation of certain major internet-based merchants’ security positions.
CISP also includes, or will soon include, mail/telephone, face-to-face and wireless acceptance channels.