Appendix A

 

Additional PCI DSS Requirements for Shared Hosting Providers

• A
• A.1
• A.1.1
• A.1.2
• A.1.3
• A.1.4

---

Shared hosting providers must protect the cardholder data environment

As referenced in Requirement 12.8 and 12.9, all service providers with access to cardholder data (including shared hosting providers) must adhere to the PCI DSS. In addition, Requirement 2.6 states that shared hosting providers must protect each entity’s hosted environment and data. Therefore, shared hosting providers must additionally comply with the requirements in this Appendix.