Story image

Kiwi cloud success story granted top security certification

23 Apr 18

Hospitality cloud solutions provider STAAH have recently become PCI DSS Certified (Payment Card Industry Data Security Standard).

This means that the Kiwi start-up success story is approved to process credit card payments in a way that provides data security to prevent breaches that could compromise business sensitive data.

The certificate was awarded after a full-scale audit by a qualified security assessor (QSA) as required to attain this certification.

The QSA validated all areas of STAAH’s platforms that come in contact with cardholder data to ensure proper controls and security measures are in place to protect the customer.

The PCI certification audit includes reviews of how the software is developed, the process in which developers are trained, and technical and procedure controls

“Data is fast becoming the single most important asset for all companies, and its protection is paramount,” says STAAH founding director Gavin Jeddo.

“We recognise the importance of data and its security, being in an industry where online transactions are business critical. Getting the PCI DSS certification for the fourth year in a row demonstrates our promise to ensure data security is never compromised on a STAAH platform.”

PCI compliance means a company has taken steps to help protect cardholder data (CHD) following the guidelines set by the PCI Council.

Whereas PCI certification is a rigorous and comprehensive process that involves a full-scale audit by a qualified security assessor (QSA).

Being fully PCI certified means that guests’ card data is secure and that banks are more likely to issue merchant facilities to your property.

STAAH is a New Zealand-based technology company that specialises in cloud-based channel management and booking engines for accommodation providers.

Founded by Gavin Jeddo in 2008, a pioneer in the field of distribution technology, STAAH’s technology powers a property’s distribution through online travel agencies (OTA), direct bookings and digital marketing services.

Today, STAAH operates in more than 70 countries including New Zealand, India, Malaysia, Philippines, Thailand, Indonesia and UK.

Gartner names LogRhythm leader in SIEM solutions
Security teams increasingly need end-to-end SIEM solutions with native options for host- and network-level monitoring.
Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.
NBN Co rolls out 'optimised' wholesale business bundles for ISPs
“We recognise some businesses are on nbn powered plans that have not been optimised for their needs," says Paul Tyler.
How Schneider Electric aims to simplify IT management
With IT Expert, Schneider Electric aims to ensure secure, vendor agnostic, wherever-you-go monitoring and visibility of all IoT-enabled physical infrastructure assets.
SolarWinds adds SDN monitoring support to network management portfolio
SolarWinds announced a broad refresh to its network management portfolio, as well as key enhancements to the Orion Platform. 
Preparing for the future of work – growing big ideas from small spaces
We’ve all seen it: our offices are changing from the traditional four walls - to no walls. A need to reduce real estate costs is a key driver, as is enabling a more diverse and agile workforce.
JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.