| |
Solidcore Combines Whitelisting, File Integrity
Monitoring and Configuration Assessment
to Give Retailers A Single-Solution for
PCI Compliance at the Store
Retailers and POS Manufacturers
Say Solidcore is All You Need for POS Security
CUPERTINO, Calif., Nov.
10, 2008 — Solidcore® Systems,
Inc., the leader in securing retail and
point-of-service systems, today announced
its POS Check and Control™ software
combines whitelisting, file integrity monitoring
and configuration assessment capabilities
to give retailers a "single-solution"
for meeting the Payment Card Industry (PCI)
Data Security Standard requirements on retail
store point-of-sale (POS) systems.
This single-solution benefits retailers
by shortening the time, simplifying the
effort, and lowering the cost to verify
PCI compliance at the store.
Retailers today are under
great pressure to meet PCI compliance mandates
across their stores and networks, despite
facing enormous budget and resource constraints.
As such, retailers cannot afford to deploy
and manage disparate security products from
multiple vendors across their distributed
store locations and POS systems. Solidcore's
POS Check and Control provides retailers
with a single-solution that can easily and
cost-effectively address all of the PCI
and security requirements for business-critical
POS systems.
"We needed one product
to secure our POS systems while also ensuring
comprehensive coverage of the PCI compliance
requirements across our distributed store
systems," said Mike Lewis, executive
vice president and CIO for Giant Tiger,
one of the largest family discount store
chains in Canada. "Solidcore's
POS Check and Control quickly emerged as
the most effective security solution that
addresses PCI compliance for our POS environment.
Solidcore allows us to meet the lock-down,
file monitoring and alerting requirements
for PCI compliance, and helped us avoid
any costly and cumbersome multi-vendor project
for meeting PCI compliance on store systems."
"We identified uncontrolled
change as the primary cause of POS unavailability
issues and maintenance costs for our POS
devices," added Hiroshi Komura, general
manager, i-Appliance division for NEC Infrontia
Corporation. "Embedding Solidcore
into our POS systems gives us complete control
and certainty over what changes on each
device."
Solidcore POS Check and
Control Features
- Dynamic
Whitelisting — Solidcore
dynamic whitelisting goes beyond the capabilities
of traditional whitelisting to provide
the most complete protection and PCI compliance
coverage across retail store systems.
It ensures only pre-authorized applications
and code run on POS systems, and unlike
other whitelisting approaches, Solidcore
accommodates secure authorized updates without
having to rely on access to a centralized
inventory. These capabilities ensure
retailers quickly and cost-effectively
meet the PCI requirements for antivirus
outlined in Section 5 of the PCI DSS,
and the required alerting that is outlined
in Section 12.
- CFIM
(Continuous File Integrity Monitoring)
— Solidcore's continuous file integrity
monitoring goes beyond "periodic"
file integrity monitoring tools of the
past that only detect changes through
resource-intensive system scans.
Solidcore's "continuous" file
integrity monitoring has minimal impact
on store system resources and eliminates
the need to perform repeat system scans.
This allows retailers to easily and more-effectively
meet the file integrity monitoring and
audit trail requirements outlined is Sections
10 and 11 of the PCI DSS.
- Configuration
Assessment — Retailers often
rely on hardening standards published
by the Center for Internet Security (CIS),
a non-profit organization with a mission
to help organizations reduce the risk
of business disruptions resulting from
inadequate security controls. Solidcore
provides security configuration assessment
capabilities that allow for regular comparisons
against the CIS benchmarks. This
capability enables retailers to quickly
identify incorrectly configured server
and application settings for quick repair.
Compliance scores are calculated based
on the configuration assessment, and a
comparison of scores from different hosts
is supported through dashboards.
"Retailers simply cannot
afford to source combinations of file monitoring,
audit and list-based security tools from
different vendors to become PCI compliant
at the store – they need a single
solution to do it all quickly and effectively,"
said Anne Bonaparte, president and CEO of
Solidcore. "Solidcore has focused
on providing these essential security capabilities
in a single solution for point of service
systems since our inception. While
you might see more security companies partnering
to offer retailers a PCI compliance solution
for store systems, customers will find that
Solidcore is the preferred solution for
the POS environment."
Solidcore's POS Check and
Control product is powered by Solidcore's
S3 Control Embedded™ software platform,
which was recently awarded "NSS Labs
Approved" by NSS Labs, the globally
recognized leader in independent security
testing and certification. Solidcore
is the chosen protection solution for more
than 100,000 POS systems worldwide, and
the chosen protection solution for many
of the World's leading point of service
device manufactures including NEC, NCR,
Retalix/StoreNext and Sharp.
About
Solidcore
Solidcore is a leader in retail system security,
change audit and configuration control.
Organizations worldwide trust Solidcore
to detect and prevent unwanted change for
improving IT compliance, security and availability.
Solidcore easily automates PCI controls
and is a pioneer in dynamic whitelisting
technology for locking down critical systems
and preventing unauthorized change events.
Solidcore is headquartered in Cupertino,
California. For more information,
please visit www.solidcore.com.
Back to Press Releases
|
|
