eSecure Systems Protect is a host intrusion protection system that helps retailers deliver PCI DSS compliance. It uses behaviour-based exploit prevention and system controls, and monitoring, notification and auditing to protect retail IT systems. eSecure Systems Protect manages risks associated with authorised personnel and software programs, and ensures host integrity and PCI DSS compliance across heterogenous platforms.
From a centralised managed platform, eSecure Systems Protect administrators configure, deploy and monitor security policies; respond to alerts; and run reports on system activity across mixed environments to ensure continued regulatory compliance.
Exploit prevention techniques shield the operating system, applications and services by defining acceptable behaviours and by limiting false positives. System and device controls lock down configuration settings, file systems and the use of removable media to protect systems from misuse by authorised staff and programs.
eSecure Systems Protect helps retailers stay ahead of emerging threats and gives IT managers responsible for the security of business systems peace of mind.
PCI DSS Compliance
eSecure Systems Protect addresses several of the PCI DSS compliance requirements. The host intrusion protection system removes the requirement to install multiple point solutions and so helps reduce system costs and management overhead. Functional highlights include:
- restrict inbound traffic to only that necessary for the card holder environment
- support the operation of personal firewall software on any mobile and/or employee owned computers with direct connectivity to the internet
- disable unnecessary and insecure services and protocols
- ensure that system components and software have the latest vendor-supplied security patches installed
- establish a process to identify newly discovered security vulnerabilities
- limit access to system components and cardholder data to only those individuals whose job requires access
- establish an access control system for components to reconstruct events
- record and secure audit trail entries for all system components for user ID, event type, data and time, success of failure indication, origination of event and identity
- enable the review of logs for all system components at least daily
- retain audit trail history for at least one year with a minimum of three months immediately available for analysis
- use intrusion detection systems and/or intrusion prevention systems to monitor traffic in the card holder data environment
- deploy file-integrity monitoring software to alert personnel to unauthorised modification of critical files
- extend the PCI compliant life of certain operating systems
eSecure System Protect is part of a suite of retail IT security services developed by our partner Evolution and implemented, managed and supported by MWC Partners. We also resell eSecure Event Tracker. To discuss how MWC Partners could help improve your business’ PCI DSS compliance, contact us.