
Symantec™ Managed Security Services support for IT compliance

Solution Overview: Symantec Managed Services

Overview

The Payment Card Industry Data Security Standard (PCI DSS) was developed to facilitate the broad adoption of consistent data security measures on a global basis and to counter increasing levels of payment card fraud. It prescribes over 290 technical controls, rolling up to 12 requirements, that must be proven to be in place in order to achieve compliance. Although compliance is no guarantee of security, without these basic measures in place an organization is at far greater risk of a breach.

More importantly, non-compliance can mean penalties such as fines, increased per-transaction fees, and ultimately losing the ability to accept and process payment cards.

Demonstrating compliance with PCI DSS can be a time-consuming and costly process. The requirements are far-reaching and detailed, encompassing an organization's infrastructure and calling for cooperation between security, operations, and IT teams.

The sheer volume of data, disparate log repositories, broken or inefficient processes, and limited internal expertise to dedicate to audit preparation are amongst the biggest challenges.

Symantec Managed Security Services Solutions for PCI DSS

Symantec™ Managed Security Services provides acquirers, merchants and service providers with comprehensive services to meet the PCI standard, identify and reduce overall risk associated with payment card processing, and ensure a more resilient infrastructure. This integrated approach allows organizations to achieve compliance as an output of good security practice, without additional burden on security staff.

By partnering with Symantec Managed Security Services as their independent, remote security team, acquirers, merchants and service providers can leverage Symantec’s global network of Security Operation Centers (SOCs), security experts, best practices, information correlation capabilities, and global intelligence to protect cardholder data and the cardholder data environment.

Symantec Managed Security Solutions can help address these most pressing compliance and security needs:

• Protect against real-time threats in a fast-changing threat environment

• Improve the overall security posture to reduce the risk of compromise

• Reduce the security data management and audit burden with centralized log collection, retention, and compliance-specific reporting, creating an enterprise-wide common view of activity

• Gain control of security expenses with manageable, budgeted costs

• Eliminate the pressure and difficulty of finding, training, and retaining knowledgeable security personnel

• Demonstrate PCI DSS compliance with standard requirements to avoid potential penalties and increased industry scrutiny

• Lower total cost of ownership by addressing multiple regulatory, compliance management, and monitoring requirements, as well as internal policies

Providing effective security protection for acquirers, merchants, and service providers requires powerful technology, accurate threat intelligence, proven processes, and experienced professionals. Symantec brings all of this together as an acknowledged industry-leading Managed Security Service Provider (MSSP). Symantec is staffed with 100 percent Global Information Assurance Certification (GIAC) certified analysts and the Security Operations Centers hold both the SAS70 Type II attestation and ISO27001 certification, which testify to our world-class service delivery.

With an integrated approach to security and compliance, Symantec enables organizations to proactively protect information, rapidly respond to threats, automate compliance processes, and reduce costs. Customers benefit from easier management of compliance technologies, reduced impact of audit requests, and reduced exposure to security and compliance risk.

Meeting the 12 PCI DSS Requirements

Symantec Managed Security Services help you quickly and consistently meet the PCI DSS, and function across all 12 requirements of the standard to protect sensitive cardholder data from perimeter to endpoint, on and off the network.

Requirement 1: Install and maintain a firewall configuration to protect cardholder data

Managed Protection Services provide expertise to help secure and manage security architectures by remotely delivered change, lifecycle, and incident/fault management. Included are approval and validation of customer-requested configuration changes to firewalls and UTMs, intrusion detection/prevention devices, endpoint security infrastructure, and critical server protection in accordance with customer policies and Symantec best practices.

To help meet this requirement, use:

• Symantec Managed Security Services: Managed Protection Services

Requirement 2: Do not use vendor supplied defaults for system passwords and other security parameters

Vulnerability Management Services thoroughly scan your network for potential vulnerabilities, such as unpatched systems or improper settings, and have the results automatically sent to the Managed Security Services SOC for inclusion in security analysis. Additionally, you can leverage Symantec experts and Managed Protection Services to manage your security infrastructure according to best practice standards. This includes security protection infrastructure hardening (secure passwords, port blocking, services removal, etc.), rule efficacy checking, and configuration management to ensure optimum security protection.

To help meet this requirement, use:

• Symantec Managed Security Services: Vulnerability Management Services, Managed Protection Services

Requirement 3: Protect stored cardholder data

Symantec products help safeguard sensitive data and minimize performance impact with intelligent archiving, data loss prevention, endpoint access control, and encryption technologies. Symantec Managed Security Services operates facilities according to the framework of ISO27001 and SAS70 Type II controls, and subject to independent audit.

Requirement 4: Encrypt transmission of cardholder data across open, public networks

Security Monitoring Services provide monitoring and exception alerting for gateway devices (mail appliances, web proxies, and web gateways), firewalls, web application firewalls, network behavior analysis devices, switches, and routers that all can participate in ensuring secure communication/transmission of cardholder data. Managed Protection Services including Managed Firewall Protection, Managed IDP Protection, and Managed Endpoint Protection provide policy implementation and content filter management to help enforce compliance-related data and traffic encryption requirements.

To help meet this requirement, use:

• Symantec Managed Security Services: Security Monitoring Services, Managed Protection Services

Requirement 5: Use and regularly update antivirus software

Security Monitoring Services help you maintain the highest level of threat protection by monitoring your environment in real-time and helping you ensure the efficacy of your security protections. Rapid, automated prioritization and remediation reduces the impact of security incidents. Symantec DeepSight™ Early Warning Services provide global threat and vulnerability intelligence based on the Symantec™ Global Information Network.

Symantec Managed Endpoint Protection protects data from threats by transferring management of the endpoint protection solution to experienced Symantec security experts under strict SLAs. The remotely delivered Managed Endpoint Protection provides comprehensive end-to-end management of the endpoint protection infrastructure to detect, remove, and protect against malicious software, including spyware and adware.

To help meet this requirement, use:

• Symantec Managed Security Services: Security Monitoring Services, Early Warning Services, Managed Protection Services

Requirement 6: Develop and maintain secure systems and applications

Symantec Managed Security Services use consistent management procedures and best practices to protect information.

Managed Endpoint Protection Services provide expertise to help secure and manage security architectures by remotely delivered change, lifecycle, and incident/fault management for network security infrastructure. Real-time monitoring of systems and applications ensures that proper security management controls are in place to make sure that the cardholder data environment is protected in support of PCI standards.

Early Warning Services maintain comprehensive databases of vulnerabilities, malicious code, security risks, exposures, and malicious IP addresses. Symantec Managed Security Services analyst teams use this information to develop alerts, analysis and remediation recommendations for infrastructure monitored by Symantec Security Monitoring Services and managed by Managed Protection Services. With personalized notification triggers and expert analysis, Early Warning Services enable organizations to identify potentially exploitable security vulnerabilities, protect critical information assets against potential attacks, mitigate threats, and remove security risks.

Symantec Security Monitoring Services can provide web application firewall monitoring to help ensure the effectiveness of web application protections. Symantec Vulnerability Management Services enable you to easily identify and remediate vulnerable hosts and network components.

To help meet this requirement, use:

• Symantec Managed Security Services: Security Monitoring Services, Vulnerability Management Services, Early Warning Services, Managed Protection Services

Requirement 7: Restrict access to cardholder data by business need-to-know

Security Monitoring Services provide an organizational hierarchy feature within the portal that provides access to event logs and incident details in a secure, organizationally-partitioned manner. This ensures access to security data by properly authorized security personnel only.

To help meet this requirement, use:

• Symantec Managed Security Services: Security Monitoring Services

Requirement 8: Assign a unique ID to each person with computer access

Security Monitoring Services help ensure access control and data integrity with ongoing network, operating system, and application log monitoring as well as automated alerts to policy violations. In addition, authorized users access the Managed Security Services portal with two-factor strong authentication. Policy configuration and management for file, application, and device access, file integrity monitoring and activity reporting (daily summary) are included with Managed Protection Services.

To help meet this requirement, use:

• Symantec Managed Security Services: Security Monitoring Services, Managed Protection Services

Requirement 9: Restrict physical access to cardholder data

Symantec Managed Security Services provide a mature approach to physical security on a global basis, with strong security controls implemented at all SOCs. All Symantec best practices and methodologies have been audited against the ISO27001 criteria to protect the cardholder data environment monitored by Symantec Managed Security Services.

To ensure a physically secure environment, Managed Security Services SOCs provide two-factor authentication into the facility, including biometric authentication. In addition, SOCs undergo regular on-site security reviews complemented by continual physical and wireless network access monitoring.

Requirement 10: Track and monitor all access to network resources and cardholder data

Security Monitoring Services provide enterprise-wide log retention and real-time security monitoring of networks and security infrastructures, for the purpose of protecting information assets and demonstrating compliance with industry regulations.

Symantec Security Monitoring Services provide the operational foundation for the ongoing monitoring of the security perimeter (VPNs, modems, and dial-up concentrators). Managed Security Services provide the secure management of these devices, delivering immediate notification of security incidents, policy exceptions, and access violations of monitored devices. In addition, Managed Security Services provide both reporting and evidentiary data to support audits, with the ability of the SOC to verify the access controls on managed devices. Managed Security Services continuously monitor, collect and analyze log data, correlating incidents and threats across your environment to find root cause and measure impact. Symantec retains logs for a minimum of three months online and one year offline. Symantec Managed Protection Services can configure customer policies to enable logs/alerts on data and network activity involving cardholder data.

To help meet this requirement, use:

• Symantec Managed Security Services: Security Monitoring Services, Managed Protection Services

Requirement 11: Regularly test security systems and processes

Frequently test your environment for vulnerabilities using automation tools and certified assessment services.

Symantec Managed Security Services provide a mature approach to business continuity and disaster recovery on a global basis, delivering built-in system redundancy to ensure that data is available when and where it is needed. This includes failover to a U.S.-based data center, as well as across multiple SOCs worldwide.

Symantec Vulnerability Management Services provide customers with the ability to remotely conduct vulnerability scans, automatically upload the resultant scan data, and then correlate it with other security incident analysis data. Symantec Managed Protection Services provide health monitoring for security protection infrastructure and alert on failed protections.

To help meet this requirement, use:

• Symantec Managed Security Services: Vulnerability Management Services

Requirement 12: Maintain a policy that addresses information security

Security Monitoring Services provide an integrated, central log retention repository to allow enterprise-wide consolidation of security information and compliance reporting. Through the secure web portal, authorized users can view the organization’s security posture and gain a deeper perspective on how to mitigate risks in the global threat landscape. Users can access at-a-glance summary pages, information on critical emerging threats and vulnerabilities, and recommendations on how to respond to security incidents and threats to an organization’s network. This allows you to maintain a holistic view of your compliance posture to support reviews and audits. With Symantec Managed Protection Services, security infrastructure is managed to Symantec best-practice standards and in accordance with organization policy.

To help meet this requirement, use:

• Symantec Managed Security Services: Security Monitoring Services, Managed Protection Services

Twelve PCI DSS Requirements and Symantec Managed Security Services

Symantec Managed Security Services

Symantec Managed Security Services provide trusted solutions to identify and manage data security risks for merchants and service providers that manage cardholder data. By partnering with Symantec Managed Security Services as their remote security team, organizations can leverage Symantec’s global network of SOCs, security experts, best practices, correlation capabilities, and intelligence to protect their IT assets, people, and information in a rapidly evolving threat environment.

Complementary Symantec Products and Services

Symantec offers an extensive portfolio of security products and services to enhance security protection and address additional PCI DSS requirements, including:

• Symantec™ Data Loss Protection – Simplifies the detection and protection of enterprise information

• Symantec™ Control Compliance Suite – Manage all aspects of IT risk and compliance at lower levels of cost and complexity

• Symantec™ Critical System Protection – Monitor and prevent malicious host activities to preserve system integrity and performance

• Symantec™ Protection Center – Unifies information security management across systems, networks, and data to effectively protect against the inherent risks in today’s IT infrastructures

• Symantec Education Services – Extensive curriculum covering security awareness, security policies, and best practices

• Symantec™ Security Information Manager – Enables a documented, repeatable process for security threat response and IT policy compliance via integrated log management and incident response solutions

• Symantec™ Endpoint Protection – Advanced threat prevention to deliver an unmatched defense against malware for laptops, desktops, and servers in both physical and virtual environments

• Symantec NetBackup™ – Provides the ability to protect completely, store efficiently, recover anywhere, find easily and manage centrally

More Information

Visit our website

http://enterprise.symantec.com

To speak with a Product Specialist in the U.S.

Call toll-free 1 (800) 745 6054

To speak with a Product Specialist outside the U.S.

For specific country offices and contact numbers, please visit our website.

About Symantec

Symantec is a global leader in providing security, storage, and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. Headquartered in Mountain View, Calif., Symantec has operations in 40 countries. More information is available at www.symantec.com.

Symantec World Headquarters
350 Ellis St.
Mountain View, CA 94043 USA
+1 (650) 527 8000
1 (800) 721 3934
www.symantec.com

Copyright © 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries.

Other names may be trademarks of their respective owners.
