As a recognized leader in the payment processing sector, this company offers its clients hundreds of secure payment methods across multiple platforms, around the globe. Onan average day it processes tens of millions of mobile, online and in-store transactions in 100+ currencies.
After experiencing a security incident that was quickly contained, the company took the opportunity to revamp its entire IT infrastructure and enhance their security practices. The nature of its core business also dictated that major consideration be given to maintaining full compliance with all relevant standards, especially those relating to the Payment Card Industry Data Security Standard (PCI DSS).
Maintaining compliance is mission critical for us—it impacts our whole business. Tripwire provides the solutions that help keep us informed, protected and compliant, without constraining our ability to scale and innovate. Tripwire Enterprise gives us the end-to-end visibility that we need to defend ourselves against today’s cybercriminals.
Company Spokesperson, Payment Processing Company
Business Need
- Meet prevailing and upcoming PCI standards, including deploying a change-detection mechanism to perform critical file comparisons
- Align processes to optimally respond to alerts in order to respond quickly to potentially malicious activity
- Provide application owners end-to-end monitoring of changes and vulnerabilities
- Automate processes wherever possible and allow customization of information for individual stakeholders
- Foster a culture of collaboration by sharing information across previously autonomous departments
- Enforce separation of duties between security and operations teams
Solution
Tripwire Enterprise was selected to facilitate the real-time collection of change data, with the assistance of Tripwire Professional Services for a straightforward rollout across its widespread environment. Tripwire Enterprise provides immediate detection and notification of unexpected change, enabling expedited remediation and operational continuity. The flexibility of the solution allows all tiers of each of the company’s primary application to be consolidated into a single view, regardless of data source, operating system or location
Results
- Change detection and associated notification processes enabled compliance with stringent PCI DSS requirements
- Application owners provided multitier visibility, with individually customizable rules available for each stakeholder
- Automated change event report generation and provision of personalized dashboards for owners
- Flexibility and scalability of Tripwire Enterprise fully supported constant innovation and dynamic growth
- Enhanced inter- and intra-department collaboration through deepened insights of interdependencies across infrastructure
- Formalized separation of duties
Need Help Finding a Cybersecurity Solution?
Contact one of our product experts to find a solution that meets your security needs and reduces your business risk. Whether you have one or several initiatives to respond to, Tripwire ensures compliance, security, and flexible risk management solutions.