Small company, big security challenges

Startup Linkable Networks decided to meet PCI DSS Level 1 security requirements, with cloud-based infrastructure as an extra wrinkle. Here's a look inside the effort.

Small company, big ambitions. Sounds like the classic entrepreneurial dream—but what if it means you bear the burden of big-company regulatory or standards compliance?

Linkable Networks is a Boston-based startup that provides technology-based services that allow consumers to link store-level and item-level discount offers directly to their credit or debit card of choice—without requiring point-of-sale integration, mail-in rebates, or paper coupons. The company sees itself as bridging the gap between advertisers, brands, consumers and financial institutions.

Linkable was formed in September 2010 and currently has fewer than 50 employee. But with the goal of building a highly scalable infrastructure for this spectrum of customers, the company decided it would need security controls for Level-1 PCI DSS compliance, the high-end requirements typically applied to businesses processing more than six million transactions per year.

[Also see 5 bright ideas for SMB security]

And if that challenge weren't complicated enough: Linkable's entire technical infrastructure, aside for an office switch, firewall and individual laptops, is cloud-based, with all the audit uncertainty that comes along.

Investing in security

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!