Simple and secure PCI DSS compliance

Transcription

1 Simple and secure PCI DSS compliance Get control over PCI audit scope while dramatically improving security posture Decrease IT CapEx and OpEx costs by 25% Reduce PCI compliance time by up to 30% Reduce attack surface by 90% In our lab testing against the relevant requirements of PCI DSS we found that the IDN platform provided very effective security and protection. Chief Strategist at Coalfire (QSA) The challenges of PCI DSS compliance Adhering to PCI DSS (Payment Card Industry Data Security Standard) requirements is simply a part of doing business today. Any organization that stores, processes or transmits cardholder data (CHD) and/or sensitive authentication data (SAD) must establish, maintain, and be able to demonstrate compliance. With transactions swiftly moving beyond traditional brick and mortar store fronts, organizations are struggling with how to achieve PCI compliance across separate architectures and hybrid environments. The increased sophistication of attacks that bypass traditional defenses has accelerated breaches over the years and organizations have had to spend more time focusing on security than ever before. The unfortunate reality is that even if an organization is deemed PCI compliant, its network and assets are not necessarily protected against cyberattacks, which is evident by the number of well-known organizations that were deemed PCI compliant, yet were breached. Often times, corporate networks are flat with security that stops at the edge, not down to the individual host or service. Connections are secure until they get to the edge of the network, then a patchwork of VLANs, Access Control Lists, routing rules, firewall policies, and other technologies are used. These IT barriers kill the agility of your overall business and result in an inflexible and complex network architecture that does not provide secure connectivity or scale for all your resources. These technologies are also prone to human error, which creates costly overhead and hurts your organization s security posture. Better security is still needed to prevent intrusion of your network and the theft of credit card information..

2 Secure and segmented PCI DSS compliance with Identity- Defined Networking Tempered Networks Identity-Defined Networking (IDN) solution is the industry s first platform that unifies networking and security. IDN is purpose-built to overcome the challenges caused by today s complex and inherently vulnerable networks. Our extensible secure IDN fabric overlays your existing infrastructure and delivers secure and segmented connectivity for any device, across any environment, anywhere in the world. For the first time, organizations can connect, encrypt, and segment any host or service across physical, virtual, and cloud environments, with minimal modifications to underlying switching and routing infrastructure. With true peer-to-peer secure networking for any device, Tempered Networks solution is effective in providing significant support for the key requirements and controls of PCI DSS with a simple, sustainable, and operationally efficient enterprise architecture. With better control of the audit scope for PCI systems and assets, it s now easy to identify the area s perimeter and secure it, enabling a clearly defined scope in which credit card data enters, flows, resides, and exits, and at the same time removing systems and devices that do not belong in scope. You can now easily achieve compliance with secure and segmented connectivity to the device level if needed between all your sensitive PCI systems and assets and hybrid cloud and data center environments. Benefits of simple, secure micro-segmentation for PCI compliance Significant benefits come with IDN s superior flexibility and security, making it easier than ever before to be PCI compliant. Connecting and protecting PCI systems and assets with non-traversal micro-segmentation becomes a simple three-click operation that s verifiable and nearly hack-proof. Organizations can now significantly reduce, if not eliminate, traditional network security solutions such as complex internal firewalls, VPNs, keys, ACLs, and VLANs. The result is simple and secure connectivity to adhere to PCI DSS compliance requirements--across any network environment. You can now achieve a level of security and connectivity that simply hasn t been practical, or perhaps impossible to accomplish. How it works We introduce a new namespace, the Host Identity Namespace, which is compatible with the existing IP and DNS Namespaces, yet eliminates the constraints imposed by them. This makes it possible for your organization to have on-demand secure network connectivity from on-premises, such as your staging dev/test environment, to specific VPCs and instances running in the VPCs. VPC network and instance access control can easily be spun up and down. You also don t exhaust your public IP addresses, and every connection is from privately addressed instances to other privately addressed instances. Nothing is exposed on the Internet. An IDN architecture delivers: Orchestration for rapid provisioning, revocation, and instant verifiable quarantine Device cloaking and automatic AES-256 encryption between all IDN endpoints Device-level isolation and unbreakable micro, macro, and cross-boundary segmentation Connectivity for secure Layer 2 or Layer 3 networks across any link medium Network resiliency and instant failover 2

3 SOLUTION BRIEF PCI DSS Compliance Figure 1 Figure 2 3

4 Simple management makes your life easier To avoid the pitfalls of improper and complex network segmentation that could disrupt your operations, or increase your exposure to data theft, Tempered Networks provides an intuitive policy-based orchestration engine that is point-and-click simple and makes micro-segmentation down to the device-level effortless. Now you can reduce time to deployment by up to 97% and securely provision new resources in minutes instead of days or weeks. Figure 3: Point-and-click simple policy configuration that makes it incredibly easy to securely configure your network 4

5 Figure 4: IDN s powerful visualization feature allows you to see specific trust relationships established by the IDN Conductor A better way forward Tempered Networks comprehensive and award-winning networking platform is based on the principle that it must be easy to connect, orchestrate, segment, cloak, move, failover, and disconnect devices. Our technology has been in production for over 10 years at a Fortune 50 company and delivers a proven alternative to traditional networking that is non-disruptive, can be seamlessly deployed on top of any IP network, and is extensible across all networking domains, physical, virtual, and cloud. Find out how Tempered Networks can help simplify your network today! To learn more, info@temperednetworks.com or visit 5