This page provides information about Security and Compliance at Servertastic.
Cyber Essentials
We maintain our Cyber Essentials certification on an annual basis. You can verify our certification on the IASME website. Enter SERVERTASTIC into the search field. The Cyber Essentials Certification shows we meet the security standards set out by the National Cyber Security Centre.
Vulnerability Scanning
We perform regular monthly vulnerability scans on systems and hostnames utilised by Servertastic. We utilise a scanning engine powered by NESSUS to check for the latest CVE and identified threats. This also detects open services and ports. This system notifies our operations team instantly of any threats found.
Web Security
Our systems are hosted by Digital Ocean in the EU cloud. They are ISO27001 accredited and provide further security information here. We utilise the Digital Ocean cloud firewall to restrict access to our systems. Our front end systems are protected by Cloudflare’s Web Application Firewall. Cloudflare security information can be found here. Access to administrative areas are further protected by allowing access through VPN tunnels only.
We utilise a number of third party cloud based systems to provide our services. These are all detailed in our privacy policy which includes links to the relevant providers.
PCI DSS
Servertastic does not retain any card details or payment informaiton. Servertastic is a SAQ A processor.
Servertastic utilises STRIPE and PAYPAL to process card payments and all card details are stored with STRIPE and PAYPAL respectively. These have completed their own PCI DSS Level 1 requirements.
STRIPE security information can be viewed here
PAYPAL security information can be viewed here
For our billing platform we utilise CHARGEBEE. CHARGEBEE security information can be viewed here




