Meet PCI Compliance using Security Information and Event Management (SIEM)

TriGeo Security Information Management in the Payment Card Industry:
Using TriGeo SIM To Meet PCI RequirementsUsing TriGeo SIM To Meet PCI Requirements 1
The challenge of PCI compliance
Today, more than a billion people around the world use payment cards to support commercial transactions. The use of these payment cards represents an enormous opportunity for businesses to increase sales at the counter as well as through rapidly expanding channels such as online shopping.
However, the information associated with these payment cards-commonly referred to as "cardholder data"-is the focus of a growing number of identity theft activities.
To address the need to improve payment card security, the card industry has created a set of global requirements called the Payment Card Industry (PCI) Data Security Standard (DSS). Basically, PCI is a set of 12 data-centric control objectives and associated requirements for ensuring the security and privacy of cardholder data. All 12 requirements must be met for compliance, and the penalties for non-compliance are severe.
©2008 TriGeo Network Security, Inc. All rights reserved. TriGeo and TriGeo SIM are trademarks of TriGeo Network Security, Inc.Using TriGeo SIM To Meet PCI Requirements 2
Compliance with Security Information and Event Management (SIEM)
Simply deploying a security solution cannot guarantee that you will meet every PCI requirement in full. However, SIEM provides the data visibility, log management, end-point security and active response required to demonstrate PCI compliance.
A SIEM can give you deep visibility into data generated by devices across networks, platforms and environments. TriGeoT SIM acts as a central collection point for device data, automatically aggregating and then normalizing this data into a consistent format. Data normalization, in turn, supports correlation-so anomalies and security threats can be easily and quickly identified. Other advantages with SIEM technologies can include automated responses to suspicious events, as well as advanced reporting functionality.
©2008 TriGeo Network Security, Inc. All rights reserved. TriGeo and TriGeo SIM are trademarks of TriGeo Network Security, Inc.Using TriGeo SIM To Meet PCI Requirements 3
In short, SIEM can help you meet your PCI auditing requirements through increased visibility, security and control over consolidated data. With TriGeo SIM in particular, you can take advantage of the following capabilities:
Enhanced security. ? Full 24x7 network security coverage, from the perimeter to the desktop, even with limited IT staff and minimal budget ? Real-time log collection and encrypted agent communication that ensures chain of custody and data integrity ? Real-time event analysis and correlation ? USB detection and prevention ? Bundled Snort® Intrusion Detection System (IDS)
Comprehensive automation. ? Automated remediation that actively responds to defend your network ? Automated notification of network security events to the TriGeo SIM Console, email, cell phone, pager or handheld device ? Automated filtering, aggregation and normalization of network device logs
Ease of use and ownership. ? Rapid deployment of the appliance, with no network downtime ? Over 650 correlations, prebuilt with rules specific to PCI compliance ? Over 240 reports to meet the increasing demands of auditors and regulatory compliance ? Usable and affordable-designed and priced for the mid-market
©2008 TriGeo Network Security, Inc. All rights reserved. TriGeo and TriGeo SIM are trademarks of TriGeo Network Security, Inc.Using TriGeo SIM To Meet PCI Requirements 4
How TriGeo SIM addresses PCI requirements
In the following pages, we will discuss each of the 12 requirements of PCI and how TriGeo SIM can help you meet these requirements in an efficient, cost-effective manner.
Requirement 1: Install and maintain a firewall configuration to protect cardholder data
This requirement is designed to clearly separate the outside world from sensitive areas of the network. To achieve that objective, a firewall must be deployed and also properly configured. Once it is configured, any subsequent access to that configuration must be carefully monitored.
TriGeo SIM supports Requirement 1.1.9, which stipulates that logs must be monito... [download for more]