This page provides information about Security and Compliance at Servertastic.

Cyber Essentials

We maintain our Cyber Essentials certification on an annual basis. You can verify our certification on the IASME website. Enter SERVERTASTIC into the search field. The Cyber Essentials Certification shows we meet the security standards set out by the National Cyber Security Centre.

Vulnerability Scanning

We perform regular monthly vulnerability scans on systems and hostnames utilised by Servertastic. We utilise a scanning engine powered by NESSUS to check for the latest CVE and identified threats. This also detects open services and ports. This system notifies our operations team instantly of any threats found.

Web Security

We utilise WAF (Web Application Firewall) systems to protect our infrastructure. We also have firewalls in place to restrict public access to ports on our systems that are not required. Our systems are hosted by LayerShift as a managed service. They are ISO27001 accredited and provide further security information here.

We utilise a number of third party cloud based systems to provide our services. These are all detailed in our privacy policy which includes links to the relevant providers.

PCI DSS

Servertastic does not retain any card details or payment informaiton. Servertastic is a SAQ A processor.

Servertastic utilises STRIPE and PAYPAL to process card payments and all card details are stored with STRIPE and PAYPAL respectively. These have completed their own PCI DSS Level 1 requirements.

STRIPE security information can be viewed here
PAYPAL security information can be viewed here

For our billing platform we utilise FOXY.IO and CHARGEBEE.

FOXY.IO security information can be viewed here
CHARGEBEE security information can be viewed here