Mobius has just received our Payment Card Industry Data Security Standard (PCI DSS) accreditation for the 8th year in a row. We think we are the only MVNO to meet this standard. So that’s it; well done to our IT Team and Network Architects, a tick in the box, job well done.
But the process of gaining accreditation underlines that the criteria for a secure system is a continually moving target. Frankly, when we started the process back in 2012 our systems were strong enough that it felt like an easy win. Each year since the list of recommendations has grown, the requirements have got tighter, what we have had to do to keep up has become ever harder.
In the last couple of years, we have had remote penetration tests, attempts from the car park on our Wi-Fi and even inbuilding white hat attacks. The latter has meant that we now have had to restrict any visitors to a Green section of our building while the rest is divided into Orange and Red. Security requirements have changed not just how we handle SIMs and data but how we move around our building.
These physical changes along with the investment in infrastructure, in design and in operations means that security dominates Mobius’ business-as-usual thinking. But what we do is only good for today. Tomorrow will bring new, unexpected, challenges that we will have to invest to address.
You should check to see if your airtime supplier is as working as hard as we are to keep your data and business safe. If not, please contact firstname.lastname@example.org or call us on 01530 511 180 or have a look at https://www.mobiusnetworks.co.uk/why-mobius/pci-dss-and-bsi-accreditation
Written by Douglas Gilmour