Secure Cloud Storage - PCI Compliance - PCI DSS

PCI DSS Secured Cloud

If you are processing payment card data in any way in the cloud (whether storing, transmitting, tracking or processing) you need to be PCI DSS compliant.

Built on our already secure-by-design Opensource cloud, The Bunker’s PCI DSS Secured Cloud is deployed using the most performant and secure Opensource products available today, and aligns your infrastructure to all 12 key industry requirements.

Opensource PCI DSS Cloud is the natural choice; with no licensing costs to consider as you grow, it can provide you with limitless scalability and PCI DSS compliance. Your ROI can be fast-tracked, while security information and event management is at scale and fast.

Get in touch

Is it right for me?

It is easy to deploy applications to the cloud, but doing this at scale and remaining compliant brings additional challenges, and associated risks of compliance failure. This is a costly risk, both financial and reputational, and not one that businesses can afford to take.

We help you ensure that you are able to meet customer demands, as well as audit the systems that appear and disappear just as quick, to serve your specific traffic patterns.

The PCI DSS compliance standard is one that, whilst you may not be required to meet, can act as a business enabler; the requirements ensure compliance with GDPR, amongst other things, and here at The Bunker we facilitate the creation of PCI DSS compliant clouds for all highly security-conscious businesses.

Industry approved (QSA) build standards produced and maintained by our experienced engineers for popular Opensource software

Bunker managed infrastructure compliance; allowing you to concentrate on your application and business

Scale quickly, securely and compliantly

Leverage The Bunker’s experience in PCI DSS compliance, without the expensive software, using our Opensource and PCI-Compliant Private Cloud.

Why buy from The Bunker?

The PCI DSS Opensource Private Cloud uses our standard Opensource Private Cloud as its foundation. In addition to this already secure-by-design Opensource cloud, increased zone isolation is added providing a multi-layer security design.

You can carry out the deployment in-house or free up your resources to focus on the development of your application and use The Bunker’s engineering team, as an extension of your own, to automate your deployment and scalability.

How PCI DSS Secured Cloud works

Multiple DMZ zones (PCI DSS commonly refer to networks as zones) are implemented for traffic to traverse through firewalls, onto load balancers and Web Application Firewall (WAF) devices before reaching further load balancers.

The web and application zones would be home to reverse proxies, potentially some more load balancers, and your application nodes.

If your application requires a database or multiple databases, this could potentially be the last zone or zones that the request reaches before being returned to the user.

HAProxy, Apache ModSecurity and NGINX NAXSI are deployed at various points in the network at these stages to ensure resiliency and compliance. Each zone that is passed through is subject to strict least privilege firewall controls. Administration access would be provided through a separate management zone or zones also, depending on the usage requirement.

All of the servers (hypervisors, virtual machines) are deployed with OSSEC agents, whether static or dynamic, who report into the managed security dashboard dedicated to your environment. The IDS server has a watchful eye on all of the traffic traversing between each zone.

Cookie	Domain	Type ⇅	Description	Duration
YSC	.youtube.com	Advertisement	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.	session
VISITOR_INFO1_LIVE	.youtube.com	Advertisement	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.	5 months 27 days
test_cookie	.doubleclick.net	Advertisement	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.	15 minutes
IDE	.doubleclick.net	Advertisement	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.	1 year 24 days
_fbp	.thebunker.net	Advertisement	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.	3 months
bscookie	.www.linkedin.com	Advertisement	This cookie is a browser ID cookie set by Linked share Buttons and ad tags.	2 years
yt-remote-device-id	youtube.com	Advertisement	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.	never
yt-remote-connected-devices	youtube.com	Advertisement	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.	never
_ga	.thebunker.net	Analytics	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.	2 years
_gid	.thebunker.net	Analytics	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.	1 day
_gat_UA-58330036-1	.thebunker.net	Analytics	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.	1 minute
_gcl_au	.thebunker.net	Analytics	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.	3 months
LPVID	.thebunker.net	Analytics	The domain of this cookie is owned by LivePerson.This cookie is used as the visitor ID as identified in Conversational Cloud.	1 year
CONSENT	.youtube.com	Analytics	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.	2 years
LPVisitorID	va.v.liveperson.net	Analytics	The domain of this cookie is owned by Liveperson.This cookie is used for storing the visitor ID as identified in LivePerson.	1 year
lang	.ads.linkedin.com	Functional	This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.	session
bcookie	.linkedin.com	Functional	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.	2 years
lidc	.linkedin.com	Functional	LinkedIn sets the lidc cookie to facilitate data center selection.	1 day
lang	.linkedin.com	Functional	This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.	session
_ce.s	.thebunker.net	Other	No description	1 year
UserMatchHistory	.linkedin.com	Other	Linkedin - Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.	1 month
AnalyticsSyncHistory	.linkedin.com	Other	No description	1 month
li_gc	.linkedin.com	Other	No description	2 years

PCI DSS Secured Cloud

PCI DSS Secured Cloud

Is it right for me?

Why buy from The Bunker?

How PCI DSS Secured Cloud works

Bunker Compliance: Your peace of mind

Ask us a question

Get in touch

Our services

Our Accreditations