FAQ #1221 Diff
Do shared hosting providers need to comply with PCI DSS?
Earlier Version
Later Version
Removed
Added
PCI DSS requirement 2.42.6 and appendixAppendix A: ?PCI DSS applicability?Additional PCI DSS Requirements for hosting providers?Shared Hosting Providers? is applicable to all shared hosting providers whose customers store, process, or transmit cardholder data. A shared hosting provider is one that houses numerousmultiple customers on the same server. These requirements for shared hosting providers are not applicable when servers are dedicated to a single customer (but all other applicable PCI DSS requirements do apply).
To determine therelevantapplicable PCI DSS requirements for a given shared hosting provider, please contact a Qualified Security Assessor (QSA). The list of QSAs can be found at
https://www.pcisecuritystandards.org/approved_companies_providers/qsa_companies.php
(Note: PCI DSS Requirement numbers refer to PCI DSS version 3)
To determine the
https://www.pcisecuritystandards.org/approved_companies_providers/qsa_companies.php
(Note: PCI DSS Requirement numbers refer to PCI DSS version 3)
Disclaimer: This FAQ has been processed for display on this website and may contain errors. Please check the original FAQ on the PCI SSC website for the authoritative version.