Retail

Solution

SecqureOne helps retail and e-commerce companies protect credit cardholder data and other customer information with SQ1Shield.

SQ1Shield is purpose-built for businesses of all sizes, helping you establish the security strategy behind your compliance program and simplifying the way you manage compliance and risk. Here is the list of compliance controls.

Policy & Compliance Analysis- This technology is used to analyze the security the rules and policies used in Firewalls, Routers and other devices that must have their policies reviewed at regularly scheduled intervals

Firewall Security- Firewalls are part of a layered Defense In Depth strategy and are a critical security control for managing, monitoring and protecting egress internet traffic.

Managed Intrusion Detection/Prevention System- Intrusion Detection/Prevention a requirement for most all compliance objectives to protect system being monitored

Managed File Integrity Monitoring (FIM)- File Integrity Monitoring is designed to be used where tracking files or configurations that change is critical and is a required PCI control.

Log Management- Collection of network, server, security, and application logs is a fundamental and essential detective control, including monitoring

Network Vulnerability Scanning-External & Internal Compliance Scans (PCI) are an essential preventive control, designed to identify vulnerabilities proactively before they can be exploited.

Web Application Vulnerability Scanning- Web Application vulnerability scans are designed to proactively test web applications to ensure that protected compliance-related data is not breached or leaked.

Anti-Virus Protection- AV is a standard security requirement for any PC, laptop or endpoint, however most compliance frameworks require AV to be monitored and well managed

Monitoring & Event Correlation (SIEM)- All compliance requirements require on-going and continuous monitoring and management of compliance controls. Event Correlation is used to minimize false positives and prioritize what security events should be analyzed and responded to.

Web Application Firewall (WAF)- Only specified for PCI, however this technology should also be utilized to secure any type of web application that interacts with personally identifiable information, financial information, or healthcare information.

Wireless Intrusion Detection/Prevention- PCI has mandated the use of Wireless Scanners and monitoring for wireless intrusions.

Threat Intelligence & Advisories- In order to support compliance efforts, receiving comprehensive information on current security threats, security advisories, and other timely threat information is a requirement of PCI compliance requirements.