Adobe Business Catalyst Security

Amazon Data Center

All Adobe Business Catalyst websites are hosted by Amazon Web Services (AWS). AWS’s world-class, highly secure data centers utilize state-of-the art
electronic surveillance and multi-factor access control systems. Data
centers are staffed 24×7 by trained security guards, and access is
authorized strictly on a least privileged basis. Environmental systems
are designed to minimize the impact of disruptions to operations. And
multiple geographic regions and Availability Zones allow you to remain
resilient in the face of most failure modes, including natural disasters
or system failures. Click here for more on AWS their security.

PCI DSS Compliance

Long story short, Adobe Business Catalyst does not store entire credit card numbers, expiration dates or CVV codes and thus is compliant with
the Payment Card Industry’s Data Security Standard (PCI DSS). They are instead passed directly to the payment gateway, such as Authorize.Net. Business Catalyst does store the last four digits of a credit card, which are are displayed in the admin interface only when you’re connected via a secure https:// connection and you look at the order payment information.

Compliance is self-assessed, so Adobe annually commissions a third-party, Fishnet Security in 2014, to conduct an objective assessment. Contact us if you’d like to see the Adobe Business Catalyst Attestation of Compliance for 2014.

Security Updates

Being a cloud-based web CMS means that security updates are made almost weekly and typically rolled out on a Sunday night so that all Adobe Business Catalyst websites are updated come Monday morning. Any problems that occur are proactively monitored and communicated to developers and users here on their Business Catalyst Status website.

Contact us to learn more about Adobe Business Catalyst.