CRM for Hotels
Direct Channel
Distribución Hotelera

Idiso confirms their PCI-DSS certificate for fifth consecutive year


8 September 2015 at 6:00, by

Seguridad datos, Google Plus.

Seguridad datos, Google Plus.

Security is the base of any business and is an asset that must be worked from the inside out. Therefore to be recognised as a company that is efficient in card data processing gives us special value. Especially when it becomes something of a habit.

This is the fifth consecutive year that Idiso Hotel Distribution has been awarded the Payment Card Industry Data Security Standard (PCI – DSS), for storing the credit card data provided by clients to the reservations and customer service departments. We can therefore claim that Idiso’s services and products like the Call Center and Booking Engine guarantee a safer service for hotels.

The major news is that Idiso has this year confirmed its PCI DSS certificate, using version 3.1 of the regulations as a reference point, which has meant, among other things, eliminating SSL as the protocol for secure communication.

What is PCI-DSS?

The mission of the PCI Security Standards Council, since 2006, has been to increase the security of payment accounts data through promoting education and knowledge of the PCI (payment card industry) security regulations. The companies responsible for founding the organization are American Express, Discover Financial Services, JCB International, MasterCard and Visa Inc. The huge advantage of implementing the PCI regulation is that it has managed to unify criteria when it comes to dealing with the protection of credit card data, based on 12 main requirements:

1) Install and maintain a secure firewall configuration

2) Avoid using parameters set by default

3) Guarantee the protection of stored data

4) Encrypt card data through open public networks

5) Constantly update antiviruses

6) Develop and maintain secure applications and systems

7) Restrict client access to certain data

8) Assign a unique ID to each client

9) Limit physical access to data

10) Trace and monitor all data

11) Constantly evaluate the security system

12) Use a solid security policy; covering all data whether it belongs to workers or clients.

Additionally, to obtain the PCI-DSS certification the company must undergo vulnerability tests by authorised security experts (ASV). Idiso has passed all tests it has been submitted to successfully:

- Tests for vulnerabilities and their possible correction at a mid to high level.

Technical evidence of compliance with the 12 requirements, such as a yearly risk assessment, training plans, technical configuration demonstrations or presenting a guaranteed business continuity plan. The latter refers to protocols that a company has in place to respond to an incident as well as any possible solutions. For example: if one of the Contact Centres is down the remaining one takes over. Therefore the service never stops.

Idiso’s Head of Security for Management of Information Systems, Ernesto Juanico, stresses that passing a PCI audit is a costly process.

“It takes a lot of work to maintain the PCI DSS certificate. It involves continual work. Every year we learn from the previous year, this year there have been some changes based on the new version of the regulation “ he explains.

Our expert also points out that this certificate is not just a passing trend; it is becoming consolidated. “Large companies such as Microsoft and Amazon or Banks like BBVA, Santander or La Caixa, already comply with this regulation for their TPV payment services, security is not a whim, it is a necessity, as can be proved by thousands of cases,” he concludes.

It is worth remembering the main benefits that Idiso can offer its clients thanks to the possession of this certification.

1) Protection of the hotel’s client’s credit cart details.

2) Maintaining consumer trust thanks to increased data security.

3) It is a differentiating factor that can become an advantage in the competitive market.

4) It safeguards the brand’s reputation

5) There is a decrease in possible financial loss as well as loss of image due to security risks.

Idiso’s Information Systems manager, Aurelio Palmer, explains the vital importance of a technological company in the tourist sector having this standard.Another year more, and this is now the fifth, Idiso has passed the yearly audit and obtained the PCI-DSS certificate, thanks to the involvement and cooperation of all the departments. All these specific, essential tests have no value if the people that deal with the card data are not careful and fully involved in complying with the regulation. Security depends on everyone.

Therefore it is important to unify all the teams involved (Call Centre, Back office, technical teams, etc.) so that their day-to-day work and commitment become proof of excellence “ he claims

He adds: “With over transactions in just the last 12 months, and an average of 0,16 seconds for availability requests through Idiso’s CRS, coming from the booking engine, connectivity, GDSs, the Contact Centre, etc., what is clear is that security is a team effort”.

Here at Idiso we consider security to be a need, we are committed to maintaining the PCI DSS certificate each and every year.



Idiso is much more than a technological service provider. Our mission is to provide real value to our clients. We want to become THE GLOBAL HOTEL SALES PARTNER, helping hoteliers sell more and better thanks to our 360º distribution and marketing solutions.

2 comentarios 

  1. mont blanc pens 18 September 2017 - 2:02

    I wish to express appreciation to you just for bailing me out of this type of challenge. After researching through the internet and finding tricks which were not helpful, I believed my entire life was well over. Being alive without the answers to the problems you have sorted out by means of your entire blog post is a serious case, and the kind which could have adversely affected my entire career if I hadn’t noticed your web blog. Your good understanding and kindness in taking care of a lot of stuff was very useful. I’m not sure what I would have done if I had not encountered such a point like this. I am able to at this moment look ahead to my future. Thank you very much for the reliable and sensible help. I won’t hesitate to endorse the sites to any individual who requires guide on this issue.

  2. michael kors handbags 22 September 2017 - 9:12

    I simply wanted to jot down a word in order to express gratitude to you for those superb tips and tricks you are posting on this site. My particularly long internet search has at the end been honored with reputable concept to go over with my companions. I would declare that we site visitors are very fortunate to live in a remarkable place with very many brilliant professionals with good solutions. I feel somewhat happy to have come across your entire web site and look forward to tons of more brilliant moments reading here. Thank you once again for everything.

Leave a Reply

campos obligatorios *

También te puede interesar