PCI Compliance Bolsters the Retail Case for Windstream Enterprise SD‑WAN

by Mike Frane
September 18, 2018

As every merchant who processes payment cards knows, properly protecting sensitive data requires every in-scope network, device, process, and control to be PCI-compliant.

Windstream Enterprise’s SD-WAN solution is the first to achieve PCI DSS compliance, and is enabling retailers to simplify the process of satisfying that requirement.

Our SD-WAN solution’s PCI DSS compliance was recently confirmed by an independent, third-party Qualified Security Assessor (QSA) in the form of Windstream Enterprise’s Attestation of Compliance (AOC). Attaining PCI DSS compliance means that Windstream Enterprise can now provide an SD-WAN AOC report to every customer that adopts its SD-WAN solution.

Customer paying with credit card on a PCI-compliant SD-WAN

Reducing the scope – and cost – of compliance audits

PCI compliance ensures that our SD-WAN solution meets PCI service provider requirements for credit card transactions and the transport of data. With compliance, we are able to reduce the scope and cost of PCI DSS audits that adopting retailers and their QSAs must perform.

Retailers who implement Windstream Enterprise SD-WAN can request an AOC and Windstream will deliver annual updates automatically in successive years.

It’s important to note that while the SD-WAN network itself is PCI-compliant, retailers that process credit cards, must ensure that other networks, devices, processes, and controls connected to the SD-WAN, in addition to other systems that handle sensitive data are also PCI-compliant.

End-user enterprises that don’t process credit cards benefit as well

Windstream Enterprise extends tremendous value to customers in all industries, and that includes the protection of sensitive data and the security of the solution. Whenever any consumer-facing enterprise incurs a network breach, its customers will always be understandably concerned about whether any of their own information was compromised. The protections built into our SD‑WAN offer assurance that those customers’ personal information, and the enterprise’s sensitive data within the SD‑WAN, are thoroughly protected.

While SD-WAN was designed to address the need to simplify network expansion, provide increased visibility and control, and reduce networking costs and downtime, attaining PCI compliance reinforces the security of the data inside the SD-WAN.