Major Retailer Achieves Compliance With the PCI Data Security Standard




Leading Online Retailer

INDUSTRY: Online retail clothing sales

COMPANY PROFILE: This world-class apparel business operates multiple enterprises under multiple brands.

BUSINESS SITUATION: Had difficulty meeting the Payment Card Industry Data Security Standard because of noncompliance of their non-Windows systems.

SOLUTION: Used Microsoft Active Directory and Likewise Enterprise to establish one ID per user, centralize user and access administration, and enforce global password and security policies.

BENEFITS: Achieved PCI compliance. Reduced workload for administrators. Streamlined logon processes for users.

Major Retailer Achieves Compliance With the PCI Data Security Standard

"This integration has been very successful from both the engineering and security perspectives, as well as from the feedback we have received from our business partners. Just the idea of having one ID to access multiple systems across multiple enterprises was very well received. We are now meeting all our PCI and SOX requirements for system-level access controls."

Senior IT Director for Application Management

Introduction

This retail clothing company was operating multiple brick-and-mortar enterprises using a complex patchwork of systems for identity management across its Unix, Linux, and Windows systems. When the company created a new division to handle consolidated online sales for all its enterprises, the complexity of their systems came to a head. The online division was having difficulty complying with the Payment Card Industry (PCI) Data Security Standard. The problem was that too many different operating systems, domains, and directory services made it impossible to manage user IDs and passwords systematically. After attempting to develop a proof-of-concept solution in house that involved password synchronization and identity replication, the company realized that doing it themselves would cost too much in the long run.

Instead, they turned to Likewise Enterprise to help them create a single-domain solution with one ID per user managed in Microsoft Active Directory across all their heterogeneous enterprises.

Copyright 2008 Likewise Software. All rights reserved. 2.5.2008. 1

The information contained in this document represents the current view of Likewise Software on the issues discussed as of the date of publication. Because Likewise Software must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Likewise, and Likewise Software cannot guarantee the accuracy of any information presented after the date of publication. These documents are for informational purposes only. LIKEWISE SOFTWARE MAKES NO WARRANTIES, EXPRESS OR IMPLIED. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in, or introduced into a retrieval system, or transmitted in any form, by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Likewise Software. Likewise may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Likewise, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. © 2008 Likewise Software. All rights reserved. Likewise and the Likewise logo are either registered trademarks or trademarks of Likewise Software in the United States and/or other countries. All other trademarks are property of their respective owners.

Likewise Software, 15395 SE 30th Place, Suite #140, Bellevue, WA 98007 USA

Table of Contents

Situation ... 4
Solution ... 5
For More Information ... 7

Situation

Any business that processes, stores or transmits cardholder data must comply with the PCI standard, a set of requirements developed by Visa, American Express, Discover Financial Services, and others. The standard includes requirements for strictly controlling access to customer data, authenticating business users, monitoring access, maintaining a secure network, and auditing system resources. Failure to comply can result in the revocation of the privileges to collect credit card payments.

Requirement No. 8 of the PCI standard is to assign a unique ID to each person with computer access, and the online division of this major clothing retailer was unable to comply with it because of the complexity and non-integration of their systems.

"We had multiple directory services and multiple active directories and multiple LDAPs as well as stand-alone proprietary directory services inside applications," the senior IT director in charge of application management for all the online stores explained. "And of course by implementing these independent and isolated directory services, we had a lot of inconsistencies in user IDs. It was very challenging to have any password enforcement and to enforce any kind of policy across the enterprise without some sort of integration."

Although the immediate concern was PCI compliance, the company also needed to address larger issues of inefficiency in the workplace. "For the end users, engineers and developers, it's very difficult to maintain continuity for their day-to-day work with multiple account IDs and passwords across the enterprise," the IT director said. "It's very challenging."

Solution

The company undertook an identity management initiative with the twin goals of (1) complying with the PCI standard and (2) reducing the complexities of user administration. As the company gathered requirements for this identity management initiative, it became clear that they needed a solution with the following features:

- Ability to integrate multiple OS into a unified, secured directory service
- Conservative use of system resources
- Ability to use common policy from the directory service that fits PCI compliance
- Stable, scalable, and easy to manage

They began their strategic evaluation process by considering do-it-yourself solutions built around password synchronization and identity replication. However, the complexities of creating a solution from scratch were daunting, and the end result would be strategically questionable.

"As we began to investigate some of these do-it-yourself solutions, we began to see a pattern of challenges and limitations that impacted the work-life balance," the IT director said. "When we looked at some of the custom solutions that we would be able to develop in house, what we found was that they created a lot of single points of failure, and they required a lot of specialized engineering and resources to support and maintain these systems. In the end it just cost more to do it ourselves."

The company wanted to simplify, not over-engineer, its directory services. So they went to the marketplace in search of solutions.

"Once we saw that there was the ability to integrate some of our directory services, we realized that in the long term for our business this was a very desirable event," the IT director said.

After considering alternative directory services, the company chose Likewise Enterprise, in part because they already had experience and confidence using Active Directory. Likewise Enterprise enabled the company to integrate all their different systems, from Unix data centers and proprietary applications to Windows, Linux, and Mac workstations, into a single domain with consolidated DNS and a structured Active Directory.

Most importantly for PCI compliance, company employees can now log onto multiple systems with a single user ID and password. With one unique ID provisioned and centrally managed through Active Directory, a user at the company can log on to Windows, Unix, Linux, and Mac OS X computers with an encrypted password that is securely authenticated against the Active Directory database. This one user, one ID system, along with the ability to centrally enforce password policies, was exactly what the company needed to solve its PCI compliance problems. The company is now meeting all their PCI and SOX requirements for system-level access controls.

This solution did more than just solve the company's compliance problems, though; it also yielded noticeable benefits in productivity. "By integrating our directory services across multiple platforms, we saw real improvements in security and management of our enterprises," the IT director said. "The feedback from our developers and engineers and business partners was extremely positive, as the single sign-on has reduced the complexity of their day-to-day work. Just the benefits in resourcing your engineering staff alone pays the price of admission."

For More Information

For more information on Likewise or to download a free 30-day trial version, visit the Likewise web site at http://www.likewisesoftware.com. For general questions, call (800) 378-1330 or e-mail info@likewisesoftware.com. For technical questions or support for the 30-day free trial, email support@likewisesoftware.com.

ABOUT LIKEWISE

Likewise Software solutions improve management and interoperability of Windows, Linux, Mac OS X, and Unix systems with easy-to-use software for cross-platform identity management. Likewise provides familiar Windows-based tools for system administrators to seamlessly integrate Linux and Unix systems into Microsoft Active Directory. This enables companies with mixed networks to use existing Windows skills and resources, maximize the value of their Active Directory investment, strengthen network security, and lower the total cost of ownership of Linux and Unix servers. Likewise Software is a Bellevue, WA-based software company funded by leading venture capital firms Ignition Partners, Intel Capital, and Trinity Ventures. Likewise has experienced management and engineering teams in place and is led by senior executives from leading technology companies such as Microsoft, F5 Networks, EMC and Mercury.