Big Iron Solutions, Iron-Secure Managed Security & PCI Compliance for Mainframes
Big Iron Solutions announces managed security services for organizations with mainframe computer systems that require compliance with PCI Data Security Standards (PCI-DSS).
- (1888PressRelease) November 28, 2014 - For years mainframe systems have processed 70% of business transactions including credit card payments. Since 2007 the PCI Data Security Standards www.pcisecuritystandards.org have provided the security standard to which merchants and service providers must adhere to in order to store, transmit and process credit card data. The PCI-DSS have been in place yet many mainframe computer systems have avoided meeting these requirements. This failure is due mainly to the fact that adequate technology, processes and effective standardized security practices have not existed on the mainframe.
Big Iron Solutions introduces a set of consulting and managed security service solutions that will enable organizations to quickly identify, secure and monitor credit card data in order to meet PCI-DSS requirements. This consists of three security and compliance services in addition to a decision support GRC tool:
1. PCI Data Discovery and Scoping: Big Iron Solutions has the ability to efficiently validate credit card data in known locations and accurately find it in previously unknown locations in mainframe datasets, data stores and databases. Once discovered, PCI scope in defined data stores can be secured or removed as required. The service provided by Big Iron Solutions meets PCI requirements to maintain an inventory of credit card data locations updated annually.
2. Vulnerability Management and Remediation: Big Iron Solutions scanning technology and remediation service will find vulnerabilities in OS code, ESM configurations and APFs. Our expert security and system programmers can remediate fixes. Our Vulnerability Management program implementation will conduct quarterly scans with remediation within 30 and 90 days, thereby meeting PCI requirements.
3. Security Monitoring and Incident Response: Big Iron Solutions security monitoring will validate that security controls are functioning effectively in addition to detecting suspicious behaviour and invalid configuration changes in real time. PCI requires monitoring of administrator behaviour, access to card holder data, and configuration changes to in scope systems. Big Iron Solutions will monitor using SIEM technology collecting log data from RACF, ESMs, SMF, DB2 activity and OS administrator activity. Big Iron Solutions staff will review alerts and respond to incidents as necessary under PCI.
4. Security Intelligent Neural Engine: Big Iron Solutions neural network takes inputs from the results of data discovery, vulnerability scans and SIEM technologies and then determines where projects should be focused in order to reduce risk and most effectively meet PCI requirements.
About Big Iron Solutions: www.bigironsolutions.com Bringing 70 years of combined executive experience in z/Series mainframe systems, information security and managed security services. Big Iron Solutions offers mainframe PCI compliance readiness consulting, security managed services, hardware sales, security consulting, system programing. Big Iron Solutions customers are from a broad range of industries including insurance, retail, e-commerce, petro chemical, financial and government services in Canada and the United States.
###
space
space