Moorestown, NJ – RunSignUp has received a PCI Level 1 Attestation of Compliance for Onsite Assessments as a Service Provider. As a Payment Facilitator, RunSignUp had hit the volume of processing that required us to move from a self assessment to a third party Qualified Service Provider doing onsite reviews as well as independent scanning and vulnerability testing. In addition, a number of additional levels of security, auditing and process are required for this highest level of processing.
The process took nearly 6 months to put in place all of the processes, procedures and infrastructure. Highlights of the requirements were:
- Improved Encryption Key Management Procedures
- Improved Network Configurations
- Improved Employee, Customer, Participant Segmentation and Access Control and Login Management
- 100% Code Review and Change Logs
- System Hardening including implementation of Center for Internet Security recommendations
- Improved Logging, OSSEC Log Analysis
- Improved AntiVirus including implementation of ClamAV
- Improved and constant Vulnerability Scanning including implementing Nessus
“We are pleased to make these improvements to our infrastructure that were required for this higher level of PCI Compliance over self assessment,” said Bob Bickel, Founder of RunSignUp.
You can view more information about RunSignUp PCI Compliance at https://runsignup.com/About-Us/PCI-Compliance.
You can do a quick check on any website using the free tool from SSL Labs – https://www.ssllabs.com/ssltest/index.html.
RunSignUp is the leading innovator of online tools for race registration, race day solutions, and running clubs. Services include RunSignUp for registration, RunSignUp Go for Race Day, RunSignUp RD Go for Timers, RunSignUp Clubs to enable membership management, and RaceJoy for mobile experiences. More than 10,000 race directors, timers, running club officers and running stores use these services today, including leading organizations like the Boilermaker Road Race, Crim Festival of Races, Pittsburgh Three Rivers Marathon, Inc., Fifth Third River Bank Run, Susan G. Komen Philadelphia, Night Nation, Mercedes Marathon, Kentucky Derby Festival, Leone Timing, KC Running Company, Compuscore Timing, Knoxville Track Club, Pikes Peak Road Runners, Gulf Coast Runners, Columbus Running Company, Playmakers Running Store and many more. In 2015, over 10,000 races used the system to register more than 2.7 million participants. In 2016 over 14,000 races will use the system to process over 4.3 million paid registrations. Services are free except for processing fees when conducting monetary transactions such as race registration or club membership renewal. RunSignUp is founded by runners for runners, using technical capabilities to bring the power of cloud computing to benefit the running community. For more information, visit www.RunSignUp.com.
3 thoughts on “RunSignUp Certified PCI Level 1”