After performance testing and evaluating multiple options, the team chose Redis Enterprise to meet its PCI-compliance requirements.
Besides support and ease of setup, the team was impressed by Redis Enterprise’s performance, high availability, and support.
Support is very important in the compliance environment. We have to have a high level of support in case something goes wrong or there are issues related to application vulnerabilities. We get a fast response from Redis—any time they find something, they notify us right away and come up with a patch.
Platform Engineering Manager
Fortune 500 company in the travel and hospitality space
Forty million customers around the world annually use services from this Fortune 500 company, whose mission is to bring humanity to the travel and hospitality industry and create memorable experiences for its customers. Like many other businesses in its industry, this company focused on new ways to provide for and accommodate customers during the outbreak of COVID-19.
The pandemic also accelerated the company’s efforts to modernize its applications and infrastructure. One of these initiatives was to strengthen the availability, security, and compliance of the company’s e-commerce payments platform.
In particular, the team wanted a new, highly available, PCI-compliant data store to manage its customers’ credit card security codes, commonly referred to as CVV or CSC codes. For PCI compliance, this data store had to run in-memory, and expire stored information after a short period of time. Furthermore, payment data had to be encrypted to ensure minimal correlation between CVV codes and other cardholder information.
The compliance team tested Redis Enterprise against Memcached and MongoDB before eventually selecting it as the database of choice to satisfy the rigorous compliance needs of their e-commerce platform. While the determining factor was meeting PCI compliance requirements, the team was also impressed by Redis Enterprise’s fast performance, failover capabilities, linear scalability via clustering, and ease of use.
World-class support was another key benefit of adopting Redis Enterprise. “Support is very important in the compliance environment. We have to have a high level of support in case something goes wrong or there are issues related to application vulnerabilities. We get a fast response from Redis––any time they find something, they notify us right away and come up with a patch,” said the Platform Engineering Manager. With guidance from Redis, the compliance team was able to quickly configure its clustering and DNS setups, and was able to get its compliance environment ready within just a few days—super quick given the conditions!
While the team’s new compliance solution is now in production, this is only the beginning for Redis Enterprise. The compliance team continues to seek out additional uses for Redis Enterprise, including migrating other components of its credit card data management application into the cloud, and exploring other ways that Redis Enterprise can help deliver speedy yet secure experiences to its customers.