PCI Security compliance

Move past legacy security challenges & protect your PCI compliance in the cloud

PCI security compliance challenges

Online commercial transactions will hit an estimated $2.35 trillion by 2017 according to eMarketer in their Worldwide Retail Ecommerce Forecast. Ensuring customer confidence in protecting their credit card data, then, is essential for any online retailers. As the ecommerce industry continues on its rapid-growth trajectory, these organizations have begun to adopt more agile IT infrastructures that are scalable, cloud-based, and dynamic.

Unfortunately traditional security controls are not designed to operate effectively in these new environments. Organizations need a variety of IT controls to secure credit card information and to comply with Payment Card Industry (PCI) Data Security Standard (DSS) regulation, and their existing legacy tools can’t keep up.

Halo solves your PCI compliance needs

The CloudPassage® Halo® automated security & compliance platform solves these challenges and provides businesses with the easiest way to achieve compliance with the PCI DSS.

Halo consolidates your traditional PCI controls into a single platform

Where traditional security tools are segmented and bolted-on, Halo provides within a single platform that integrates with your existing orchestration tools in order to provide seamless, continuous PCI compliance.

Halo includes:

  • File integrity monitoring
  • Software vulnerability management
  • Configuration management
  • Strong access control/server account management
  • Log management
  • Intrusion detection

Halo satisfies the six PCI DSS goals


Goal 1: Build and maintain a secure network and systems

Halo can ensure that local firewall software is installed and configured properly.

Goal 2: Protect cardholder data

Halo continuously monitors for presence and configuration of encryption functions and access restrictions to cryptographic keys. This monitoring can be performed for operating system, application, and database platforms.

Goal 3: Maintain a vulnerability management program

Halo detects known software vulnerabilities; can enforce secure authentication and logging; ensure ongoing secure configurations; proper maintenance of accounts; monitoring of change control process and environments; and auditing of system and application changes.

Goal 4: Implement strong access control measures

Halo’s system configuration scanning and server account management addresses the majority of server-level access control requirements. Halo also provides a centralized view of server accounts and their privileges across cloud hosting environments.

Goal 5: Regularly monitor and test networks

Halo provides extensive scanning, usage monitoring, logging and alerting capabilities. Halo’s File Integrity Monitoring feature satisfies the PCI DSS requirement for detecting and alerting unexpected changes to critical system files.

Goal 6: Maintain an information security policy

Halo automates deployment and operation of a broad range of controls in rapidly changing public, private and hybrid cloud hosting environments which provides a solid foundation for a consistent and reliable information security policy.

Achieving PCI DSS peace of mind in the cloud

This white paper details the evolution of industry regulations for PCI compliance and how to maintain compliance while benefiting from the scale and cost-effective benefits of the cloud.

Participate in Independent Cloud Security Research and Get Access to Industry Reports

Take part in one or more of our surveys and let your voice be heard​