DistilledODN is fully compatible and compliant with operating on eCommerce websites. In fact, they tend to be some of the best sites to most broadly benefit from DistilledODN's capabilities.
DistilledODN is fully PCI compliant, and we work with an independent information security consultancy to audit and advise on being best in class.
Assessed as a Service Provider under PCI DSS v3.1, we can provide service to eCommerce websites of any size. We can provide an Attestation of Compliance on request, and can share details of our information security policies.
As part of that compliance we run quarterly ASV (Approved Scanning Vendors) scans of our service, both externally and internally on our networks, using two separate providers. These are overseen by an independent consultant.
The DistilledODN platform can operate on an HTTPS website without compromising security. We provide deployment consultation for all customers, so will help you assess your needs.
Our platform sits in front of your web servers (origin servers) and behind any existing CDN you may have (if you do not have a CDN we'll deploy with our partners at Fastly to provide one). Connections to the CDN will use your existing certificate, and connections from DistilledODN to your web servers will use the certificate on them.
Between the CDN and DistilledODN traffic is encrypted with our TLS certificate, maintaining encryption for every step of transmission. This also means that if you have an existing CDN setup, you do not need to provide us with a certificate for your domain.