San Jose, California-based Verifone is a leading enabler of electronic payment transactions and point-of-sale services. With over 29 million devices and terminals deployed across more than 150 countries, Verifone’s clients include some of the world’s best- known retail brands, financial institutions and payment providers.
Delivering the services necessary for Verifone’s employees to support the company’s tens of millions of clients necessitates a highly complex and constantly changing internal infrastructure, with it comes the immense challenge of protecting the integrity of every individual component. Verifone’s security strategy is to utilize its team of experts to identify best-in-class solutions and to leverage them to maximize effectiveness and reach of protection.
Business Need
- Achieve and maintain compliance with multiple industry and governmental regulatory requirements, including PCI DSS, Sarbanes-Oxley and PII-related mandates
- Maximize investments in existing tools by leveraging capabilities to further elevate protection
- Identify solutions capable of providing visibility and control for securing the entire global infrastructure without compromising business agility
Solution
Tripwire Enterprise was selected on the basis of its effectiveness and reputation as an industry-leading security configuration management solution. Its core functionality of providing enterprise-class file integrity and policy management addressed all of the original evaluation requirements. Since deployment, however, the broad functionality of Tripwire Enterprise has been extensively leveraged, utilizing a significantly wider set of capabilities than initially required.
If I could pick only one security solution it would have to be Tripwire Enterprise. Why? Because it can do file integrity monitoring, configuration management, system hardening, discovery and optimization; it also integrates well with our other security solutions.
MAHMOUD ABDIRAHMAN INFORMATION SECURITY ENGINEER, VERIFONE
Results
The expanded role of Tripwire Enterprise now embraces the delivery of system hardening to further reduce and fortify Verifone’s attack surface.
The solution’s intuitive dashboard also contributes to the ease of managing and substantiating compliance with applicable data handling and security standards. It also provides detailed vulnerability intelligence for the company’s Linux environments. Plus, many cyber crime controls for Windows and Linux devices are administered utilizing the solution’s comprehensive policy management capabilities.
The powerful Command Output Capture Rule (COCR) feature identifies previously undiscovered locations with personally identifiable information and detects suspicious activities such as unsanctioned user and domain changes, further enhancing the security team’s abilities.
Need Help a Finding a Cybersecurity Solution?
Contact one of our product experts to find a solution that meets your security needs and reduces your business risk. Whether you have one or several initiatives to respond to, Tripwire ensures compliance, security, and flexible risk management solutions.