You are on page 1of 2

PCI Compliance

Encryption alone does not ensure your PCI compliance Reduce cost and risk with in-house large-scale auditing and security response capabilities.

According to a study conducted by the Ponemon Institute and sponsored by Thales*, merchants that undergo network audits to ensure compliance with the Payment Card Industry Data Security Standards are paying an average of $225,000 each year, while 10% of these businesses are paying $500,000 or more annually.

Manage proactive and reactive regulatory compliance operations in house to dramatically reduce risk.
Automated massive-scale auditing to identify payment card information or other confidential data across your enterprise Respond effectively to content monitoring alerts Replay network communications and analyze host data to determine how the leakage propagated Identify security breaches, perform root cause analysis and neutralize the threat * PCI DSS Trends 2010: QSA Insights Report

Ensuring Regulatory Compliance with AccessData Technology


Despite defensive mechanisms, such as encryption and content monitoring systems, payment card information can still find its way onto unsecure segments of your network or be stolen by hackers whose sole purpose is to get their hands on this information. Too often organizations simply rely on the process of accidental discovery when it comes to detecting data leakage, and the prohibitive costs associated with large-scale auditing prevents many organizations from performing regularly scheduled proactive audits.

The technical implications of a massive content audit is often staggering. Even in relatively simple environments, executing a large-scale search for a confidential file can be a daunting and time-consuming task. The problem of course is less about the complexity of the task and more about the lack of technologies designed to address this type of broad search. Without scalable, deep, forensic auditing and remediation capabilities, organizations cant do much more than wait for somebody to report a data spill and then pursue manual, time-intensive and error-prone solutions, such as a machine-by-machine search. To truly ensure the protection of confidential data, commercial and government entities need an automated way to quickly and thoroughly search thousands of machines, and that is exactly what AccessDatas Cyber Intelligence and Response Technology (CIRT) is designed to do.

HOW DOES CIRT FACILITATE PCI COMPLIANCE AND PROTECT YOUR INFORMATION ASSETS? LEARN MORE...
A Pioneer in Digital Investigations Since 1987

2011 AccessData Group. All Rights Reserved.

Using CIRT...

define data sources

define search criteria

execute search

review results/ report

remediate

re-audit to confirm results

PROTECT CONFIDENTIAL DATA. Identify and log the locations of confidential data that have spilled onto unsecure segments of your network, using any combination of search criteria: Keywords (Eyes Only, etc.) Date ranges (created/modified/accessed) Data source (network share, email, computer, SharePoint, etc.) Hashes (to include or exclude) File Type (400+ pre-defined types) File size File status (deleted, hidden) Location (C:\my documents\...) MASSIVE-SCALE DATA AUDITING WITH UNSURPASSED REACH. Search for payment card information and other types of sensitive data on computers, email servers, network shares and even structured data repositories. Auditing will identify confidential data even in files that are open and in use. CONDUCT THOROUGH INCIDENT RESPONSE INVESTIGATIONS. CIRT is the only cyber security solution to integrate network forensics, host forensics and large-scale data auditing, allowing you to not only identify data leakage, but to chase it down and remediate. Identify security breaches, replay events, analyze logs and correlate that information with what is happening to determine how the leakage propagated. The integrated analysis and built-in remediation capabilities of CIRT allow you to more effectively address security threats of any kind. RESPOND EFFECTIVELY TO CONTENT MONITORING ALERTS. Quickly correlate user activity with a content monitoring alert and forensically preserve relevant data. The CIRT security framework includes the only network forensics technology that analyzes and correlates event logs. ACHIEVE AN UNSURPASSED RETURN ON INVESTMENT. No longer pay up to $500,000 for an annual PCI compliance audit. Using AccessData technology, you can perform proactive PCI audits several times a year without the costly service provider fees. Organizations using this technology can achieve full ROI with just one large audit and experience aggregate savings of millions of dollars.

PCI Compliance

Strict security. Robust technology. AccessDatas Secure Network Communications Module, leveraged in our solutions is FIPS 140-2 certified, ensuring that data transferred over a public or private network when employing our certified cryptographic module will be encrypted and protected. In addition, AccessDatas data leakage remediation employs a strong wiping methodology. A configurable architecture and flexible permission structures make it possible for you to control access to information. Find out how AccessData can help you protect your information assets and ensure compliance, call 800.574.5199 / +1.801.377.5410, or email sales@accessdata.com

A Pioneer in Digital Investigations Since 1987

2011 AccessData Group. All Rights Reserved.

You might also like