POS Security That Pays Its Own Way

Size: px
Start display at page:

Download "POS Security That Pays Its Own Way"

Transcription

1 POS Security That Pays Its Own Way The rising costs of POS system management and security

2 Table of Contents A Pain Point for Retailers Is an Opportunity for POS Vendors...3 The Solution: McAfee Integrity Control...3 Three Streams of System Management and Support Cost Reduction....4 Analysis 1: Fast Return on Incremental Costs....4 Analysis 2: Total Reduction in Lifecycle Management Costs...7 The Bottom Line: McAfee Integrity Control Makes Your POS Solution a Better Investment....8 POS Security That Pays Its Own Way 2

3 Retailers are experiencing runaway spending on securing and managing their POS systems, in large part because organized criminals around the world have discovered that point-of-sale (POS) systems are low-risk, high-reward targets that are often poorly defended. The 2012 Verizon Data Breach Investigations Report, which analyzed 855 breaches and 174 million records stolen during 2011, concluded that Internet-facing POS systems, physically exposed ATMs, automated gas pumps, and other self-serve terminals have repeatedly exposed hundreds or thousands of victims to relatively simple sting operations. The report notes that criminals are increasingly targeting smaller organizations with fewer IT resources where POS systems are often poorly configured and inadequately defended. Widespread vulnerabilities include default passwords and remote access software installed to allow off-site management by third-party service providers. Automated port scans are used to identify POS systems with remote access support followed by automated password cracking and automated spyware installation to capture and export payment card information. Between 2009 and 2011, a group of four foreign nationals used this technique to compromise more than 146,000 payment accounts, creating more than $10 million in losses for retailers and payment processors. A Pain Point for Retailers Is an Opportunity for POS Vendors Taken together, the dual challenges of POS security, management, and PCI compliance are a giant headache for retailers and a perfect opportunity for POS vendors. Those that can integrate security controls into their product offerings that demonstrably reduce their vulnerability to compromise, decrease the costs of management, and streamline regulatory compliance will gain a significant competitive advantage in the marketplace. From the retailer s perspective, an airtight business case for such controls can be made solely on the basis of lower system management and support costs, provided that the control set in question is a small-footprint solution that effectively locks down the POS system to prevent intrusion or unauthorized change without imposing significant overhead on the system itself, the network, or the IT staff. The Solution: McAfee Integrity Control This description fits McAfee Integrity Control part of the Intel Security product offering. It s an application-independent security solution that provides lifetime deploy-and-forget protection for retail POS systems, kiosks, ATMs, and other embedded systems. This tightly integrated bundle of McAfee Application Control, McAfee Change Control, and McAfee epolicy Orchestrator (McAfee epo ) software turns a potentially vulnerable system built on commercial operating systems (OS) software into an impenetrable black box. Intruders and malicious application code see only an apparently closed system built on a proprietary operating system. McAfee Integrity Control accomplishes this through three types of functional lockdown capabilities. Execution control: McAfee Integrity Control imposes dynamic application whitelisting on all access to system execution resources, ensuring that only authorized program code is allowed to run. Any program not on the whitelist including any malware that might penetrate upstream security is automatically designated unauthorized. Execution access is systematically denied and every attempt is logged by default. POS Security That Pays Its Own Way 3

4 Memory control: McAfee Integrity Control protects all authorized processes from memory-based hijack attempts. Unauthorized code injected into a running process is trapped, halted, and logged to block buffer overflow, heap overflow, stack execution, and other related exploit strategies. Change control: McAfee Integrity Control enables change enforcement in the system environment by providing real-time change policy management, detection, notification, validation, and tamper-proof event logging. With McAfee Integrity Control, all of these granular control capabilities are delivered through a software agent deployed directly on each POS system. Centralized management, monitoring, and reporting are provided through McAfee epo software, which is bundled with McAfee Integrity Control and runs on a dedicated management server in the customer s data center. Three Streams of System Management and Support Cost Reduction By building McAfee Integrity Control into your POS product s software stack, you provide your retail customers with significantly higher levels of system security, stability, visibility, and data protection that dramatically reduce management and support costs throughout the system s entire service life. Because any attempt to change the system configuration, run unauthorized software, or manipulate system memory are effectively blocked, logged, and reported in real time, management and support workloads can be reduced in specific ways, with quantifiable cost reductions: Operating system patch cycles can be reduced from quarterly to semi-annual intervals, reducing the administrative time devoted to testing and deploying OS updates. During PCI audits, QSA auditors can sample fewer POS devices to document system and security control state. The time required to produce PCI audit reports is dramatically reduced through automation and the availability of pre-defined report formats. Let s examine how just these three reductions in administrative labor and compliance expense can quickly repay the incremental cost of adding McAfee Integrity Control to a POS system and how they can reduce a customer s overall costs for securing and managing a 100-device POS environment. Analysis 1: Fast Return on Incremental Costs First, let s look at the costs of adding McAfee Integrity Control to a 100-device POS deployment. Based on our assessment of total capital and operating expense over a five-year ownership lifecycle, the principal cost components are as follows. Software license fees: The initial product license fee for McAfee Integrity Control is a one-time charge of $ per endpoint, or $17,095.00, for the 100 devices in our sample environment. Software maintenance and support costs: These costs, which include subscription fees for operating system and application updates, come to $42.74 per device per year, for a five-year total of $21, for 100 devices. Management server capital costs: Deploying McAfee epo software to monitor and manage the POS security solution requires a dedicated server platform; the cost would be approximately $2, So the total five-year cost of adding McAfee Integrity Control to a 100-device POS environment is $40,465. POS Security That Pays Its Own Way 4

5 Now let s look at the reductions in management and compliance expense that a retailer can achieve as a result of better security, stability, and manageability of a POS system, with McAfee Integrity Control deployed as part of the OEM solution stack. Savings from reduced patch interval frequency: Because McAfee Integrity Control locks down the POS environment to prevent malware access to execution resources, memory-based hijacking of authorized processes, and unauthorized changes in system configuration, deployment intervals for operating system and application vulnerability patches can be extended without compromising system security. A shift from quarterly to semi-annual patch distributions is prudent and reduces the administrative workload associated with testing and deployment by half. Based on the InformationWeek Analytics 2010 Survey, 1 which found that POS patch management typically consumes one-third the annual capacity of one full-time IT administrator (633 hours/year), and assuming an average hourly labor rate of $75.00, we calculate an annual management cost reduction of (633 x 0.5 x $75) or $23, PCI compliance savings from reduced POS sampling: When a QSA auditor finds that reliable security controls have been deployed throughout a POS environment, most will reduce the number of devices sampled to confirm compliance with security policy and data-handling standards. With no such controls in place, an auditor will commonly sample as many as 15% of the devices in an environment. With controls, a sample of just 2% is often considered sufficient. Based on this reduction (15 devices to two devices), a typical labor requirement of 30 minutes per device, and a typical labor rate of $175 per hour, we calculate an annual audit cost reduction of $1, Savings from PCI reporting automation: The quarterly reporting required for PCI compliance can take up to 25 hours per cycle if the data collection, aggregation, and report preparation are performed manually. McAfee epo software automates the data collection process and ships with standard templates for a wide range of PCI reports, including: Change agent detail and summary. PCI file integrity detail and summary. PCI file integrity detail and summary. User report detail and summary. Server reboot log summary. POS Security That Pays Its Own Way 5

6 Figure 1. Pre-configured PCI compliance reports in McAfee epo software. These standard PCI reports are preconfigured in McAfee epo software, and other customized reports are easily created using the information accessible through the McAfee epo server. This reduces the compliance reporting workload to as little as one hour per cycle. Using this 25-to-one reduction and a typical IT labor rate of $75 per hour, we calculate an annual savings (24 hours x 4 reporting cycles x $75) of $6, The total annual savings in POS management and compliance costs due to the greater security, stability, visibility, and manageability enabled by McAfee Integrity Control is $31,115.00, which will recover all the incremental costs of adding McAfee Integrity Control to the POS solution in just under 16 (15.6) months of operation. POS Security That Pays Its Own Way 6

7 Analysis 2: Total Reduction in Lifecycle Management Costs Next, let s look at the overall impact of McAfee Integrity Control on a retailer s annualized costs to secure and manage the same 100-device POS environment. We will assume that in the absence of a full-function security solution like McAfee Integrity Control, a commercial antivirus product will be deployed to provide basic malware protection. We will compare the costs of one environment secured by McAfee Integrity Control with another secured by McAfee VirusScan Enterprise software alone, looking at the same drivers of management and compliance costs as our first analysis. Annualized license and maintenance costs: These are predictably higher for McAfee Integrity Control than for McAfee VirusScan Enterprise: $7,693 versus $2,400 for our 100-device environment. Operating system patch management costs: As in our ROI analysis, we assume that the administrators of a system secured with a comprehensive solution such as McAfee Integrity Control could prudently reduce OS patching intervals from quarterly to semiannually. For a system with only antivirus security, no such reduction could be advised. If we use the same annual labor requirements from our previous example (633 hours for quarterly POS patching, half that for semi-annual), and the same hourly labor cost ($75), we calculate total annual patch management costs for an environment secured by McAfee Integrity Control, based on a semi-annual patch cycle, at $23, For the environment secured by antivirus software alone, the total cost for quarterly patch testing and distribution would be $47,475. PCI audit sampling costs: As in our previous analysis we assume that a QSA auditor would employ the lowest endpoint sampling frequency (2% of the total device population) in evaluating a POS environment with McAfee Integrity Control s combination of execution control, memory control, and change control deployed end to end. In contrast, an environment secured by antivirus alone would undoubtedly be subject to the maximum 15% sampling rate. Using a per-device labor requirement of 30 minutes and a typical hourly rate of $175, we calculate a sampling cost of $1, for the antivirus-only system and $ for the system with McAfee Integrity Control. PCI reporting costs: Because antivirus alone provides no functionality for reporting security events that occur on a POS device, nor any centralized capability for automating system-wide reporting, the task of compiling quarterly PCI reports remains completely manual. McAfee Integrity Control delivers both a wide range of local event logging capabilities and, in McAfee epo software, a central reporting service. So an environment secured with McAfee Integrity Control delivers fully automated reporting of all device configuration parameters and event metrics required for PCI compliance. Using the same administrative labor requirements cited in our first analysis (25 hours for manual reporting, one for an automated process), the same hourly labor cost ($75), and the same quarterly reporting frequency, we calculate total reporting costs of $7,500 with antivirus security alone versus $300 with McAfee Integrity Control. A dedicated server for McAfee epo software: This $2,000 expense applies, as we discussed earlier, only to the McAfee Integrity Control-secured environment. Total annual POS maintenance and compliance costs: Antivirus only $58, McAfee Integrity Control $31, Total savings with McAfee Integrity Control $26, POS Security That Pays Its Own Way 7

8 The Bottom Line: McAfee Integrity Control Makes Your POS Solution a Better Investment Adding McAfee Integrity Control to your POS solution simply makes your offering more appealing to your retailer customers. It not only secures their POS infrastructure and data, it significantly reduces POS management and compliance costs, pays for the entire incremental cost in just under 16 months, and continues to add bottom line value throughout the entire system lifecycle. For more information visit 1. InformationWeek Analytics 2010 Strategic Security Survey: Global Threat, Local Pain, April 2010 McAfee. Part of Intel Security Mission College Boulevard Santa Clara, CA Intel and the Intel logo are registered trademarks of the Intel Corporation in the US and/or other countries. McAfee, the McAfee logo, epolicy Orchestrator, McAfee epo, and VirusScan are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. Copyright 2013 McAfee, Inc wp_integ-retail-roi_0213B_fnl_ETMG

McAfee Server Security

McAfee Server Security Security Secure server workloads with low performance impact and integrated management efficiency. Suppose you had to choose between securing all the servers in your data center physical and virtual or

More information

Choosing Between Whitelisting and Blacklisting Endpoint Security Software for Fixed Function Devices

Choosing Between Whitelisting and Blacklisting Endpoint Security Software for Fixed Function Devices Choosing Between Whitelisting and Blacklisting Endpoint Security Software for Fixed Function Devices McAfee* application whitelisting combined with Intel vpro technology can improve security, increase

More information

McAfee Security Architectures for the Public Sector

McAfee Security Architectures for the Public Sector White Paper McAfee Security Architectures for the Public Sector End-User Device Security Framework Table of Contents Business Value 3 Agility 3 Assurance 3 Cost reduction 4 Trust 4 Technology Value 4 Speed

More information

Technology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications

Technology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications Technology Blueprint Protect Your Email Servers Guard the data and availability that enable business-critical communications LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security

More information

Total Protection for Compliance: Unified IT Policy Auditing

Total Protection for Compliance: Unified IT Policy Auditing Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.

More information

Technology Blueprint. Secure Your Point-of-Sale. Lock down point of sale/service (POS) systems

Technology Blueprint. Secure Your Point-of-Sale. Lock down point of sale/service (POS) systems Technology Blueprint Secure Your Point-of-Sale (POS) Systems Lock down point of sale/service (POS) systems LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security Connected The

More information

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software McAfee Global Threat Intelligence File Reputation Service Best Practices Guide for McAfee VirusScan Enterprise Software Table of Contents McAfee Global Threat Intelligence File Reputation Service McAfee

More information

Intel Security and TCS: Together Securing Workloads of the Modern Data Center

Intel Security and TCS: Together Securing Workloads of the Modern Data Center Intel Security and TCS: Together Securing Workloads of the Modern Data Center Data center security today is extremely different from what it was an era ago primarily because the data center has undergone

More information

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform McAfee Endpoint Security 10 provides customers with an intelligent, collaborative framework, enabling endpoint defenses to

More information

Endpoint Security for DeltaV Systems

Endpoint Security for DeltaV Systems DeltaV Systems Service Data Sheet Endpoint Security for DeltaV Systems Essential protection that consolidates endpoint and data security. Reduces the time and effort spent deploying and managing security

More information

Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy.

Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy. Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy. The number of Internet-connected smart devices is growing at a rapid pace. According to Gartner, the

More information

Securing OS Legacy Systems Alexander Rau

Securing OS Legacy Systems Alexander Rau Securing OS Legacy Systems Alexander Rau National Information Security Strategist Sample Agenda 1 Today s IT Challenges 2 Popular OS End of Support & Challenges for IT 3 How to protect Legacy OS systems

More information

McAfee Acquires NitroSecurity

McAfee Acquires NitroSecurity McAfee Acquires NitroSecurity McAfee announced that it has closed the acquisition of privately owned NitroSecurity. 1. Who is NitroSecurity? What do they do? NitroSecurity develops high-performance security

More information

McAfee Endpoint Security Frequently Asked Questions

McAfee Endpoint Security Frequently Asked Questions McAfee Endpoint Security Frequently Asked Questions Overview You re facing new challenges in light of the increase of advanced malware. Limited integration between threat detection, network, and endpoint

More information

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection Technology Blueprint Secure Your Virtual Desktop Infrastructure Optimize your virtual desktop infrastructure for performance and protection LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL

More information

Secure Virtualization in the Federal Government

Secure Virtualization in the Federal Government White Paper Secure Virtualization in the Federal Government Achieve efficiency while managing risk Table of Contents Ready, Fire, Aim? 3 McAfee Solutions for Virtualization 4 Securing virtual servers in

More information

Technology Blueprint. Protect Your VoIP/SIP Servers. Insulating your voice network and its servers from attacks and disruption

Technology Blueprint. Protect Your VoIP/SIP Servers. Insulating your voice network and its servers from attacks and disruption Technology Blueprint Protect Your VoIP/SIP Servers Insulating your voice network and its servers from attacks and disruption LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security

More information

The Business Case for Security Information Management

The Business Case for Security Information Management The Essentials Series: Security Information Management The Business Case for Security Information Management sponsored by by Dan Sullivan Th e Business Case for Security Information Management... 1 Un

More information

Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs

Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs Business Brief Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs McAfee Compatible Solution Autonomic Software Endpoint Manager 1.2 and McAfee epo

More information

McAfee Certified Product Specialist McAfee epolicy Orchestrator

McAfee Certified Product Specialist McAfee epolicy Orchestrator McAfee Certified Product Specialist McAfee epolicy Orchestrator Exam preparation guide Table of Contents Introduction 3 Becoming McAfee Certified 3 Exam Details 3 Recommended Exam Preparation 4 Exam Objectives

More information

Reducing the cost and complexity of endpoint management

Reducing the cost and complexity of endpoint management IBM Software Thought Leadership White Paper October 2014 Reducing the cost and complexity of endpoint management Discover how midsized organizations can improve endpoint security, patch compliance and

More information

McAfee Endpoint Protection for SMB. You grow your business. We keep it secure.

McAfee Endpoint Protection for SMB. You grow your business. We keep it secure. McAfee Endpoint Protection for SMB You grow your business. We keep it secure. Big Protection for Small to Medium-Sized Businesses With the Internet and connected devices now an integral part of your business,

More information

Xerox Next Generation Security: Partnering with McAfee White Paper

Xerox Next Generation Security: Partnering with McAfee White Paper Xerox Next Generation Security: Partnering with McAfee White Paper 1 Background Today s MFPs are complex embedded systems. They contain, among other things, full scale operating systems, embedded web servers,

More information

McAfee Application Control / Change Control Administration Intel Security Education Services Administration Course

McAfee Application Control / Change Control Administration Intel Security Education Services Administration Course McAfee Application Control / Change Control Administration Intel Security Education Services Administration Course The McAfee University Application Control / Change Control Administration course enables

More information

McAfee epolicy Orchestrator

McAfee epolicy Orchestrator Optimizing Security Management with McAfee epolicy Orchestrator The proof is in the research Chief information officers (CIOs) at enterprises worldwide are facing a major struggle today: how to balance

More information

Securing the Internet of Things

Securing the Internet of Things Business Brief Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy IoT Architectural Challenges Given the diversity and scale of the IoT, new security

More information

McAfee Public Cloud Server Security Suite

McAfee Public Cloud Server Security Suite Installation Guide McAfee Public Cloud Server Security Suite For use with McAfee epolicy Orchestrator COPYRIGHT Copyright 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766,

More information

Technology Blueprint. Protect Your Servers. Preserve uptime by blocking attacks and unauthorized changes

Technology Blueprint. Protect Your Servers. Preserve uptime by blocking attacks and unauthorized changes Technology Blueprint Protect Your Application Servers Preserve uptime by blocking attacks and unauthorized changes LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security Connected

More information

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense A Trend Micro Whitepaper I February 2016 Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense How Trend Micro Deep Security Can Help: A Mapping to the SANS Top 20 Critical

More information

Host-based Protection for ATM's

Host-based Protection for ATM's SOLUTION BRIEF:........................................ Host-based Protection for ATM's Who should read this paper ATM manufacturers, system integrators and operators. Content Introduction...........................................................................................................

More information

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training McAfee Web Gateway Administration Intel Security Education Services Administration Course Training The McAfee Web Gateway Administration course from Education Services provides an in-depth introduction

More information

NIST Guidelines for Secure Shell and What They Mean for Your Organization

NIST Guidelines for Secure Shell and What They Mean for Your Organization NIST Guidelines for Secure Shell and What They Mean for Your Organization Table of Contents Introduction 3 SSH: A refresher 3 A secure yet vulnerable control 3 A widespread risk throughout the enterprise

More information

IBM Tivoli Endpoint Manager for Lifecycle Management

IBM Tivoli Endpoint Manager for Lifecycle Management IBM Endpoint Manager for Lifecycle Management A single-agent, single-console approach for endpoint management across the enterprise Highlights Manage hundreds of thousands of endpoints regardless of location,

More information

Technology Blueprint. Assess Your Vulnerabilities. Maintain a continuous understanding of assets and manage vulnerabilities in real time

Technology Blueprint. Assess Your Vulnerabilities. Maintain a continuous understanding of assets and manage vulnerabilities in real time Technology Blueprint Assess Your Vulnerabilities Maintain a continuous understanding of assets and manage vulnerabilities in real time LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1

More information

Protecting Point-of-Sale Environments Against Multi-Stage Attacks

Protecting Point-of-Sale Environments Against Multi-Stage Attacks SOLUTION BRIEF: PROTECTING POS DEVICES & BROADER ENVIRONMENT........................................ Protecting Point-of-Sale Environments Against Multi-Stage Attacks Who should read this paper Point-of-Sale

More information

Symantec Protection Suite Enterprise Edition for Servers Complete and high performance protection where you need it

Symantec Protection Suite Enterprise Edition for Servers Complete and high performance protection where you need it Complete and high performance protection where you need it Overview delivers high-performance protection against physical and virtual server downtime with policy based prevention, using multiple protection

More information

McAfee MOVE AntiVirus 3.6.0

McAfee MOVE AntiVirus 3.6.0 Release Notes McAfee MOVE AntiVirus 3.6.0 For use with McAfee epolicy Orchestrator Contents About this document About the product New features Installation instructions Known issues Find product documentation

More information

V ISA SECURITY ALERT 13 November 2015

V ISA SECURITY ALERT 13 November 2015 V ISA SECURITY ALERT 13 November 2015 U P DATE - CYBERCRIMINALS TARGE TING POINT OF SALE INTEGRATORS Distribution: Value-Added POS Resellers, Merchant Service Providers, Point of Sale Providers, Acquirers,

More information

McAfee VirusScan and epolicy Orchestrator Administration Course

McAfee VirusScan and epolicy Orchestrator Administration Course McAfee VirusScan and epolicy Orchestrator Administration Course Intel Security Education Services Administration Course Training The McAfee VirusScan and epolicy Orchestrator Administration course from

More information

WhiteHat Security White Paper. Top 11 PCI DSS 3.0 Changes That Will Affect Your Application Security Program

WhiteHat Security White Paper. Top 11 PCI DSS 3.0 Changes That Will Affect Your Application Security Program WhiteHat Security White Paper Top 11 PCI DSS 3.0 Changes That Will Affect Your Application Security Program October 2015 The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information

More information

McAfee Next Generation Firewall Optimize your defense, resilience, and efficiency.

McAfee Next Generation Firewall Optimize your defense, resilience, and efficiency. Optimize your defense, resilience, and efficiency. Table of Contents Need Stronger Network Defense? Network Concerns Security Concerns Cost of Ownership Manageability Application and User Awareness High

More information

Maintaining PCI-DSS compliance. Daniele Bertolotti daniele_bertolotti@symantec.com Antonio Ricci antonio_ricci@symantec.com

Maintaining PCI-DSS compliance. Daniele Bertolotti daniele_bertolotti@symantec.com Antonio Ricci antonio_ricci@symantec.com Maintaining PCI-DSS compliance Daniele Bertolotti daniele_bertolotti@symantec.com Antonio Ricci antonio_ricci@symantec.com Sessione di Studio Milano, 21 Febbraio 2013 Agenda 1 Maintaining PCI-DSS compliance

More information

McAfee Web Reporter Turning volumes of data into actionable intelligence

McAfee Web Reporter Turning volumes of data into actionable intelligence McAfee Web Reporter Turning volumes of data into actionable intelligence Business today is more Internet-dependent than ever before. From missioncritical services to productivity tools, Internet access

More information

White Paper. PCI Guidance: Microsoft Windows Logging

White Paper. PCI Guidance: Microsoft Windows Logging PCI Guidance: Microsoft Windows Logging Table of Contents Introduction...3 This white paper was written by: Cayce Beames, CISSP, QSA, Technical Practice Director, Strategic Services, Intel Security Preparation

More information

IBM Tivoli Endpoint Manager for Lifecycle Management

IBM Tivoli Endpoint Manager for Lifecycle Management IBM Endpoint Manager for Lifecycle Management A single-agent, single-console approach for endpoint management across the enterprise Highlights Manage hundreds of thousands of endpoints regardless of location,

More information

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND Introduction > New security threats are emerging all the time, from new forms of malware and web application exploits that target

More information

IPLocks Vulnerability Assessment: A Database Assessment Solution

IPLocks Vulnerability Assessment: A Database Assessment Solution IPLOCKS WHITE PAPER February 2006 IPLocks Vulnerability Assessment: A Database Assessment Solution 2665 North First Street, Suite 110 San Jose, CA 95134 Telephone: 408.383.7500 www.iplocks.com TABLE OF

More information

Preemptive security solutions for healthcare

Preemptive security solutions for healthcare Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare

More information

Trend Micro. Advanced Security Built for the Cloud

Trend Micro. Advanced Security Built for the Cloud datasheet Trend Micro deep security as a service Advanced Security Built for the Cloud Organizations are embracing the economic and operational benefits of cloud computing, turning to leading cloud providers

More information

Intel Security Certified Product Specialist Security Information Event Management (SIEM)

Intel Security Certified Product Specialist Security Information Event Management (SIEM) Intel Security Certified Product Specialist Security Information Event Management (SIEM) Why Get Intel Security Certified? As technology and security threats continue to evolve, organizations are looking

More information

The McAfee SECURE TM Standard

The McAfee SECURE TM Standard The McAfee SECURE TM Standard December 2008 What is the McAfee SECURE Standard? McAfee SECURE Comparison Evaluating Website s Security Status Websites Not In Compliance with McAfee SECURE Standard Benefits

More information

Managed Intrusion, Detection, & Prevention Services (MIDPS) Why E-mail Sorting Solutions? Why ProtectPoint?

Managed Intrusion, Detection, & Prevention Services (MIDPS) Why E-mail Sorting Solutions? Why ProtectPoint? Managed Intrusion, Detection, & Prevention Services (MIDPS) Why E-mail Sorting Solutions? Why ProtectPoint? Why? Focused on Managed Intrusion Security Superior-Architected Hardened Technology Security

More information

Everything You Wanted to Know about DISA STIGs but were Afraid to Ask

Everything You Wanted to Know about DISA STIGs but were Afraid to Ask Everything You Wanted to Know about DISA STIGs but were Afraid to Ask An EiQ Networks White Paper 2015 EiQ Networks, Inc. All Rights Reserved. EiQ, the EiQ logo, the SOCVue logo, SecureVue, ThreatVue,

More information

How Protected Is Your Enterprise?

How Protected Is Your Enterprise? How Protected Is Your Enterprise? Next Gen thinking and technology to help strengthen and protect your critical business systems and data Greg Belanger, CISSP Symantec (Canada) Corporation - Security Practice

More information

Verve Security Center

Verve Security Center Verve Security Center Product Features Supports multiple control systems. Most competing products only support a single vendor, forcing the end user to purchase multiple security systems Single solution

More information

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

Protect the data that drives our customers business. Data Security. Imperva s mission is simple: The Imperva Story Who We Are Imperva is the global leader in data security. Thousands of the world s leading businesses, government organizations, and service providers rely on Imperva solutions to prevent

More information

McAfee Endpoint Security 10.0.0 Software

McAfee Endpoint Security 10.0.0 Software Installation Guide McAfee Endpoint Security 10.0.0 Software For use with epolicy Orchestrator 5.1.1 5.2.0 software and the McAfee SecurityCenter COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without

More information

McAfee Advanced Threat Defense 3.6.0

McAfee Advanced Threat Defense 3.6.0 Release Notes McAfee Advanced Threat Defense 3.6.0 Revision C Contents About this release New Features Enhancements Resolved issues Installation and upgrade notes Known issues Product documentation About

More information

Need to be PCI DSS compliant and reduce the risk of fraud?

Need to be PCI DSS compliant and reduce the risk of fraud? Need to be PCI DSS compliant and reduce the risk of fraud? NCR Security lessens your PCI compliance burden and protects the integrity of your network An NCR White Paper Experience a new world of interaction

More information

Quantifying the Value of Software Asset Management

Quantifying the Value of Software Asset Management 1 Executive Summary Over the past few decades, employees have come to rely more and more heavily on software solutions to automate and enhance a variety of core business activities from sales order entry

More information

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information 1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information Proteggere i dati direttamente nel database Una proposta tecnologica Angelo Maria Bosis Sales Consulting Senior Manager

More information

McAfee Enterprise Mobility

McAfee Enterprise Mobility McAfee Enterprise Mobility Bringing Mobile Devices into the Security Infrastructure John Dasher 14 September 2011 Devices/Users (MM in Log Scale) Hypergrowth in Mobile Devices Computing Cycles in Perspective

More information

Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks

Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks Dale Peterson Director, Network Security Practice Digital Bond, Inc. 1580 Sawgrass Corporate Parkway, Suite 130 Sunrise, FL 33323

More information

Data Center Connector for vsphere 3.0.0

Data Center Connector for vsphere 3.0.0 Product Guide Data Center Connector for vsphere 3.0.0 For use with epolicy Orchestrator 4.6.0, 5.0.0 Software COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS

More information

About Help Desk. McAfee Help Desk 2.0 Software. Product Guide. Functions of McAfee Help Desk software. Quarantine release.

About Help Desk. McAfee Help Desk 2.0 Software. Product Guide. Functions of McAfee Help Desk software. Quarantine release. Product Guide McAfee Help Desk 2.0 Software About Help Desk McAfee Help Desk is an extension installed in McAfee epolicy Orchestrator (McAfee epo ). Administrators use McAfee Help Desk to issue challenge/response

More information

Understanding the Threat Prevention Module Endpoint Security 10 Intel Security Product Management

Understanding the Threat Prevention Module Endpoint Security 10 Intel Security Product Management Understanding the Threat Prevention Module Endpoint Security 10 Intel Security Product Management 15 Executive Summary The main audience of this white paper is security administrators who are responsible

More information

McAfee Endpoint Protection Products

McAfee Endpoint Protection Products McAfee Total Protection Security Overview for MEEC Sumeet Gohri, CISSP Sr. Sales Engineer GovED + Healthcare McAfee, Inc. Agenda Protection Challenges McAfee Protection Products McAfee epo walkthrough

More information

Extreme Networks Security Analytics G2 Vulnerability Manager

Extreme Networks Security Analytics G2 Vulnerability Manager DATA SHEET Extreme Networks Security Analytics G2 Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution HIGHLIGHTS Help prevent security breaches by discovering

More information

Document ID. Cyber security for substation automation products and systems

Document ID. Cyber security for substation automation products and systems Document ID Cyber security for substation automation products and systems 2 Cyber security for substation automation systems by ABB ABB addresses all aspects of cyber security The electric power grid has

More information

PCI Data Security Standards (DSS)

PCI Data Security Standards (DSS) ENTERPRISE APPLICATION WHITELISTING SOLUTION Achieving PCI Compliance at the Point of Sale Using Bit9 Parity TM to Protect Cardholder Data PCI: Protecting Cardholder Data As the technology used by merchants

More information

Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS

Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS Traditionally, IT risk management has balanced security investment and the impact of the threat, allowing each business

More information

Strengthening Security, Control, and Compliance for Retail OEMs and Their Customers

Strengthening Security, Control, and Compliance for Retail OEMs and Their Customers White Paper Strengthening,, and for Retail OEMs and Their Customers McAfee embedded security solutions Table of Contents Introduction 3 Retail Drivers 3 PCI DSS Does Not Equal 4 The McAfee Approach to

More information

Description of Actual State Sensor Types for the Software Asset Management (SWAM) Capability. 7 Jul 2014

Description of Actual State Sensor Types for the Software Asset Management (SWAM) Capability. 7 Jul 2014 Description of Actual State Sensor Types for the Software Asset Management (SWAM) Capability 7 Jul 2014 1 Purpose This document is intended to provide insight on the types of tools and technologies that

More information

IBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems

IBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems IBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems Proactively address regulatory compliance requirements and protect sensitive data in real time Highlights Monitor and audit data activity

More information

IBM Tivoli Endpoint Manager for Security and Compliance

IBM Tivoli Endpoint Manager for Security and Compliance IBM Endpoint Manager for Security and Compliance A single solution for managing endpoint security across the organization Highlights Provide up-to-date visibility and control from a single management console

More information

Agent or Agentless Policy Assessments: Why Choose?

Agent or Agentless Policy Assessments: Why Choose? Technical Brief Agent or Agentless Policy Assessments: Why Choose? McAfee Total Protection for Compliance Meeting newer, more stringent regulatory standards and the increasing number of IT audits requires

More information

Intel Security Certified Product Specialist Data Loss Prevention Endpoint (DLPe)

Intel Security Certified Product Specialist Data Loss Prevention Endpoint (DLPe) Intel Security Certified Product Specialist Data Loss Prevention Endpoint (DLPe) Why Get Intel Security Certified? As technology and security threats continue to evolve, organizations are looking for employees

More information

Protecting Sensitive Data Reducing Risk with Oracle Database Security

Protecting Sensitive Data Reducing Risk with Oracle Database Security Protecting Sensitive Data Reducing Risk with Oracle Database Security Antonio.Mata.Gomez@oracle.com Information Security Architect Agenda 1 2 Anatomy of an Attack Three Steps to Securing an Oracle Database

More information

McAfee Data Loss Prevention Endpoint 9.3.416

McAfee Data Loss Prevention Endpoint 9.3.416 Release Notes Revision A McAfee Data Loss Prevention Endpoint 9.3.416 For use with McAfee epolicy Orchestrator Contents About this release Resolved issues Installation instructions Known issues Find product

More information

Intel Active Management Technology Embedded Host-based Configuration in Intelligent Systems

Intel Active Management Technology Embedded Host-based Configuration in Intelligent Systems WHITE PAPER Intel vpro Technology Embedded Host-based Configuration in Intelligent Systems Easy activation of Intel vpro technology remote manageability without trade-offs in security, functionality, and

More information

PCI Compliance: How to ensure customer cardholder data is handled with care

PCI Compliance: How to ensure customer cardholder data is handled with care PCI Compliance: How to ensure customer cardholder data is handled with care Choosing a safe payment process for your business Contents Contents 2 Executive Summary 3 PCI compliance and accreditation 4

More information

Zone Labs Integrity Smarter Enterprise Security

Zone Labs Integrity Smarter Enterprise Security Zone Labs Integrity Smarter Enterprise Security Every day: There are approximately 650 successful hacker attacks against enterprise and government locations. 1 Every year: Data security breaches at the

More information

Introduction to PCI DSS

Introduction to PCI DSS Month-Year Introduction to PCI DSS March 2015 Agenda PCI DSS History What is PCI DSS? / PCI DSS Requirements What is Cardholder Data? What does PCI DSS apply to? Payment Ecosystem How is PCI DSS Enforced?

More information

Information Security & Privacy Solutions Enabling Information Governance

Information Security & Privacy Solutions Enabling Information Governance Information Security & Privacy Solutions Enabling Information Governance LYNDA KEITANY IM SALES SPECIALIST July 11, 2012 What s at Stake? Damage to company reputation Brand equity damage; negative publicity

More information

5 Tips to Help Protect Your Data

5 Tips to Help Protect Your Data 5 Tips to Help Protect Your Data From passive monitoring to proactive protection Table of Contents Modern Data Protection Challenges....3 1. Identify a Corporate Champion in the Business, not in IT...4

More information

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Clone Systems Business Security Intelligence Properly Secure Every Business Network Executive Summary

More information

Ben Hall Technical Pre-Sales Manager Barry Kew Pre-Sales Consultant

Ben Hall Technical Pre-Sales Manager Barry Kew Pre-Sales Consultant Ben Hall Technical Pre-Sales Manager Barry Kew Pre-Sales Consultant The Future of LANDESK Management Suite & Security Suite W H AT S N E W i n 9.6 + SP1 + SP2 E N D U S E R WORKSPA C E A C C E L E R AT

More information

IBM Endpoint Manager for Lifecycle Management

IBM Endpoint Manager for Lifecycle Management IBM Endpoint Manager for Lifecycle Management A single-agent, single-console approach for endpoint management across the enterprise Highlights Manage hundreds of thousands of endpoints regardless of location,

More information

eguide: Designing a Continuous Response Architecture Executive s Guide to Windows Server 2003 End of Life

eguide: Designing a Continuous Response Architecture Executive s Guide to Windows Server 2003 End of Life Executive s Guide to Windows Server 2003 End of Life Facts About Windows Server 2003 Introduction On July 14, 2015 Microsoft will end support for Windows Sever 2003 and Windows Server 2003 R2. Like Windows

More information

Proven LANDesk Solutions

Proven LANDesk Solutions LANDesk Solutions Descriptions Proven LANDesk Solutions IT departments face pressure to reduce costs, reduce risk, and increase productivity in the midst of growing IT complexity. More than 4,300 organizations

More information

Best Practices: Corporate Online Banking Security

Best Practices: Corporate Online Banking Security Best Practices: Corporate Online Banking Security These Best Practices assume that your organization has a commercially-reasonable security infrastructure in place. These Best Practices are not comprehensive

More information

whitepaper The Benefits of Integrating File Integrity Monitoring with SIEM

whitepaper The Benefits of Integrating File Integrity Monitoring with SIEM The Benefits of Integrating File Integrity Monitoring with SIEM Security Information and Event Management (SIEM) is designed to provide continuous IT monitoring, actionable intelligence, incident response,

More information

White Paper. Consolidate Network Security to Reduce Cost and Maximise Enterprise Protection

White Paper. Consolidate Network Security to Reduce Cost and Maximise Enterprise Protection Consolidate Network Security to Reduce Cost and Maximise Enterprise Protection Table of Contents Security Consolidation 3 Application identification and control 3 User identification and control 3 Intrusion

More information

BEST PRACTICES WHITE PAPER. BMC BladeLogic Client Automation and Intel Core vpro Processors

BEST PRACTICES WHITE PAPER. BMC BladeLogic Client Automation and Intel Core vpro Processors BEST PRACTICES WHITE PAPER BMC BladeLogic Client Automation and Intel Core vpro Processors Table of Contents Introduction................................................... 1 About BMC.......................................................

More information

Cisco Advanced Malware Protection for Endpoints

Cisco Advanced Malware Protection for Endpoints Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection

More information

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE Solution Brief SUMMARY New security threats demand a new approach to security management. Security teams need a security analytics architecture that can handle

More information