News Releases

News Releases
SAVVIS Expands Retail AvenueSM With Visa Cardholder Information Security Program (CISP) Assessment Services

ST. LOUIS, MO — July 28, 2004 — SAVVIS Communications (NASDAQ:SVVS), a leading global IT Utility, announced today the availability of its Visa USA Cardholder Information Security Program (CISP) Assessment Services provided to assist retailers in complying with the stringent security requirements put forth by Visa USA.

This marks the first addition to SAVVIS Retail AvenueSM, a broad set of IT solutions that assist retailers with the management and protection of digital brand assets; enhance their customer service capabilities; provide a strong foundation for their e-commerce strategies; provide IT infrastructure utility solutions and assist with training and distance learning initiatives. SAVVIS Retail Avenue leverages the company’s expertise in delivering solutions to over 400 retail clients and its experience in providing mission critical IT solutions to more than 7,000 companies worldwide.

In order to maintain consumer confidence and reduce the risk of merchant loss, Visa USA developed the CISP program, which is a set of security standards designed to protect sensitive cardholder data when used in online credit card transactions. Visa USA currently requires that all select merchants and service providers demonstrate annual compliance with the CISP by means of a third party compliance assessment. Having been named a certified assessment provider by Visa USA and having recently launched Retail Avenue, SAVVIS is an ideal choice for retailers as the company not only understands the subtle nuances of the CISP but also understands the inner workings of the retail environment.

Under its CISP Assessment Services, SAVVIS provides three different service levels:

o Select or large merchant assessments – Designed for merchants that conduct 6 million transactions or handle 6 million accounts annually, this service adheres to the Visa USA Security Audit Procedures and Reporting guidelines (CISP SAP)

o Non-select or small merchant assessments – Designed for merchants that conduct 500,000 to 6 million transactions or handle 500,000 to 6 million accounts annually, this service adheres to the Visa USA CISP 5.5 requirements and Select Merchant Security Audit Procedures (M-SAP)

o Service provider assessments – Designed for all organizations that support e-merchants who accept Visa cards in a “card-not-present” environment, this service adheres to Visa USA CISP SAP requirements.

SAVVIS offers CISP Assessment Services on both an annual basis and on a recurring basis through its Virtual Compliance Officer service. The latter ensures on-going compliance and identifies potential issues as they occur, saving retailers significant quantities of time and money on annual certification.

“We’re hearing from more and more of our members that CISP compliance is a top priority.” said Charles Presti, president of Retex. “By adding CISP Assessment Services to Retail Avenue, SAVVIS is demonstrating not only its commitment to the retail sector, but its willingness and desire to provide solutions to the issues that are paramount to companies within this space. We are thrilled with the commitment SAVVIS is showing to the retail sector as we feel that all of our members can benefit from a relationship with SAVVIS.”

Retailers are focusing attention on CISP compliance in order to maintain their relationships with Visa USA but more importantly to provide customers with valuable assurances that appropriate precautions have been taken to secure their sensitive cardholder data. A SAVVIS CISP compliance assessment provides insight into potential vulnerabilities and risks that may be present within a retailer’s systems and ensures that the retailer’s site security posture is consistent with industry-recognized best practices and Visa’s CISP requirements.

"There are a number of providers delivering CISP assessment services but we chose SAVVIS because of their experience and understanding of the CISP requirements,” said John Peterson, CTO for TRANSFIRST. “We wanted to work with a company that could not only provide the assessment but also help us to reach compliance. We found that in SAVVIS."

“Being named a certified provider of CISP assessments means that SAVVIS has met Visa USA’s stringent skill and methodology requirements”, said Vince DiMemmo, SAVVIS senior vice president of product management and marketing. “SAVVIS’ experience in conducting very large CISP assessments for merchant banks has provided us with valuable insight regarding potential ‘roadblocks’ and technical issues that may preclude a retailer from successfully completing the assessment. As a result of this work, SAVVIS is intimately familiar with CISP requirements and thoroughly understands both their intent and applicability. For these reasons, selecting SAVVIS to conduct the CISP assessment holds a great advantage for retailers.”

SAVVIS Communications (NASDAQ: SVVS) is a global IT Utility that leads the industry in delivering secure, reliable, and scalable hosting, network, and application services. SAVVIS’ strategic approach combines the use of virtualization technology, a utility services model, and automated software management and provisioning systems. This allows customers to focus on their core business while SAVVIS ensures the quality of their IT infrastructure. With its recent acquisition of the assets of Cable & Wireless America, SAVVIS becomes one of the worlds’ largest providers of IP computing services and the world’s third largest provider of hosting services. For more information about SAVVIS, visit: . For more information about end-to-end media services from SAVVIS’ WAM!NET division, visit:

Forward-Looking Statements 
This document contains forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. Actual results may differ materially from SAVVIS’ expectations. Certain factors that could affect actual results are set forth as risk factors in SAVVIS’ SEC reports and filings, including its annual report on Form 10-K for the year ended December 31, 2003, as filed with the Securities and Exchange Commission on February 24, 2004, and all subsequent filings. SAVVIS assumes no obligation to update or supplement forward-looking statements.

Carter Cromley 
SAVVIS Communications 
(703) 234-8033

Todd Aydelotte 
Ricochet Public Relations 
(212) 905-6196