- PCI Compliance

PCI Compliance is Total Bullshit and Everybody Knows It


Unlike SSAE16/SAS70 certification for our datacenters and physical infrastructure which are valuable and substantive, PCI Compliance is total bullshit and everybody knows it.

But you can't fight city hall.

So, we do in fact update our PCI compliance quarterly and are happy to provide overall and site-specific PCI Compliance documentation to fulfill any aspect of your due diligence or reporting requirements.

We know it's not your fault and we'll help you get your job done.


This Reminds Me of a Funny Story ...


The platform is so simple and stripped of extra functions that our first PCI scan vendor, in 2006, could not actually verify that we were up and running.

That's right - we offered so little attack surface for their scans that they (incorrectly) assumed we were offline.

In 2017, our platform only answers on port 22 with OpenSSH. That's it.

Asking if is PCI Compliant is like asking if an army tank has a front bumper.


Oh yeah, the reports.


The 2017 PCI compliance report for the (combined) mail and www server, from Comodo (yeah, I know) is here.


Here is an example PCI compliance report for one of our storage arrays - in this case, in our Denver location -


When you become a customer and choose an location we will provide you with a PCI report specifically generated for your location as well as the SAS70/SSAE16 compliance reports (US locations only).


We also welcome site visits and inspections of our facilities from prospective customers.


More Information publishes a wide array of support documents as well as a FAQ

You, or your CEO, may find our CEO Page useful.

Please see our HIPAA and Sarbanes-Oxley compliance statements.

Contact for more information, and answers to your questions.




Click here for Simple Pricing - Or call 619-819-9156 or email for more information.