PCI Security Standards compliance for a VPS. Part III
V. Regularly Monitor and Test Networks
Requirement 10: Track and monitor all access to network resources and cardholder data
-> The VPS technical support team monitors the VPS as part of the larger hardware node on which it is created. Tracking the access attempts and usage patterns of individual users on your VPS would not be feasible for the support team; this would have to be taken care of by you. Restriction levels and accessibility for individual users will also have to be decided by you, since the VPS owner is the entity best placed to decide the usage of individual customers.
Since our Linux and Windows VPS come with unrestricted administrative privileges through SSH and RDP respectively, the VPS technical support team has little or no control over the kind of access which the VPS owner may grant to individual customers. Consequently, guaranteeing 100% security and integrity would not be possible, since we have no authority over the restrictions and limitations which can be imposed on individual users.
Requirement 11: Regularly test security systems and processes
-> You may ask the VPS technical support team to check the health of the VPS and its security configuration and settings whenever you want a thorough check to be performed.
VI. Maintain an Information Security Policy
Requirement 12: Maintain a policy that addresses information security
-> This is again something which comes down to individual preferences, choices and practical usage patterns of the VPS. It would be nigh impossible for the VPS technical team to create a policy framework and security guidelines for your individual VPS, owing to the lack of information on the exact use of the VPS and the activity which each user would be carrying out on the virtual machine. This is something which you would have to frame yourself. The technical support team would be glad to lend whatever assistance you may need. However, the final word on this would be yours.