achieving cost-effective compliance - Unisys

services conglomerate, must secure access to systems holding PCI data. Achieving compliance requires investments in technology, the assessment.
2MB Sizes 0 Downloads 120 Views
ACHIEVING COST-EFFECTIVE COMPLIANCE One solution for a wide range of compliance controls

With stricter industry regulations, Andrew Stark, CISO of a major financial services conglomerate, must secure access to systems holding PCI data. Achieving compliance requires investments in technology, the assessment and validation process and maintaining compliant status. Andrew wants a low-cost, operationally efficient solution that can protect sensitive data from sophisticated cyberattacks and meet compliance objectives.

Architecture Compliance Needs

Limiting Access to Systems with Sensitive Data

• Identify users and systems interacting with PCI data quickly and efficiently. • Minimize large audit footprint of multiple systems and users connected to systems holding PCI data. • Streamline multiple hardware and software solutions to meet compliance requirements. • Prevent traffic from untrusted sources from interacting with systems holding sensitive data.

FIREWALL BREACH OPENS UP PCI DATA Authorized communication path

Andrew creates secure communities of interest (COI) with Unisys Stealth® that consist only of personnel and systems authorized to handle sensitive data. Systems with sensitive data are invisible to untrusted sources and data transferred across the network is unavailable to unauthorized parties, limiting the scope of compliance audits. Supporting wide range of compliance controls, Stealth™ reduces the security application footprint with fewer products to purchase and administer. The software-based solution enables access by identity, not physical devices, so the security of sensitive systems moves with the user for easier management and less overhead.

Corporate Data Center Retail Banking Division

Network breach or unauthorized access

Payment Server

Unauthorized access path

Reporting Server

Attackers accessing PCI data on Reporting Server

Attacker

Core Banking System

ATM Server

• Isolates infrastructure holding PCI data from all other systems.

Microsegmentation to Meet Compliance

• Identifies traffic flow of sensitive data in real time, saving cycles spent on scope analysis before annual audits. • Visualizes network traffic to quickly find users and systems connected to PCI infrastructure, decreasing compliance audit scope, cost and time. • Protects transmitted data across open, public networks by encrypting all traffic within COI.

PCI COMPLIANCE WITH STEALTH Authorized communication path

Corporate Data Center Retail Banking Division

Network breach or unauthorized access

Payment Server

Unauthorized access path Unauthorized access averted Members assigned to Stealth COI

Reporting Server PCI data protected as Reporting Server (now part of Stealth COI) is invisible to attackers.

ATM Server

Attacker

www.unisys.com/Stealth

FOR A ROBUST SECURITY POSTURE CONNECT WITH US ON

Core Banking System