PCI compliance

Don’t let legacy security tools hold up PCI compliance in the cloud.

Watch the Video

The problem

Online commercial transactions will hit an estimated $2.35 trillion by 2017 according to eMarketer in their Worldwide Retail Ecommerce Forecast. Ensuring customer confidence in protecting their credit card data, then, is essential for any online retailers. As the ecommerce industry continues on its rapid-growth trajectory, these organizations have begun to adopt more agile IT infrastructures that are scalable, cloud-based, and dynamic.

Unfortunately traditional security controls are not designed to operate effectively in these new environments. Organizations need a variety of IT controls to secure credit card information and to comply with Payment Card Industry (PCI) Data Security Standard (DSS) regulation, and their existing legacy tools can’t keep up

Halo solves your PCI compliance needs

The CloudPassage® Halo® automated security & compliance platform solves these challenges and provides businesses with the easiest way to achieve compliance with the PCI DSS.

Halo consolidates your traditional PCI controls into a single platform

Where traditional security tools are segmented and bolted-on, Halo provides within a single platform that integrates with your existing orchestration tools in order to provide seamless, continuous PCI compliance.

Halo includes:

  • File integrity monitoring
  • Software vulnerability management
  • Configuration management
  • Strong access control/server account management
  • Log management
  • Intrusion detection

Learn more Schedule a demo

Halo satisfies the six PCI DSS goals

lat-lon-globe.svg

Goal 1: Build and maintain a secure network and systems

Halo can ensure that local firewall software is installed and configured properly.

cardholder-data.svg

Goal 2: Protect cardholder data

Halo continuously monitors for presence and configuration of encryption functions and access restrictions to cryptographic keys. This monitoring can be performed for operating system, application, and database platforms.

vulnerability-management-program.svg

Goal 3: Maintain a vulnerability management program

Halo detects known software vulnerabilities; can enforce secure authentication and logging; ensure ongoing secure configurations; proper maintenance of accounts; monitoring of change control process and environments; and auditing of system and application changes.

strong-access-control-meastures.svg

Goal 4: Implement strong access control measures

Halo’s system configuration scanning and server account management addresses the majority of server-level access control requirements. Halo also provides a centralized view of server accounts and their privileges across cloud hosting environments.

small-gear.svg

Goal 5: Regularly monitor and test networks

Halo provides extensive scanning, usage monitoring, logging and alerting capabilities. Halo’s File Integrity Monitoring feature satisfies the PCI DSS requirement for detecting and alerting unexpected changes to critical system files.

checked-shield.svg

Goal 6: Maintain an information security policy

Halo automates deployment and operation of a broad range of controls in rapidly changing public, private and hybrid cloud hosting environments which provides a solid foundation for a consistent and reliable information security policy.

Achieving PCI DSS peace of mind
in the cloud

This white paper details the evolution of industry regulations for PCI compliance and how to maintain compliance while benefiting from the scale and cost-effective benefits of the cloud.

Get the white paper

Request a Demo

Get a live demo that is customized to help you see how easy it is to be secure and compliant in the cloud with CloudPassage Halo.