Resource Center Products Try/Buy Support Partners Company
SWAT, brought to you by Secure Computing Corporation
                                     


Back

Identity & Access

Your network is the technological heart of your business, so protecting access to critical applications, data, and network resources is a mission-critical activity. SafeWord® Strong Authentication gives you an iron-clad mechanism to protect user identity before you provide access to an ever-increasingly available network. As you open up your network to a growing number of remote users, SafeWord gives you confidence in your ability to monitor who can access the network resources that make your company run.


Build and Maintain a Secure Network
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters.

SafeWord tokens generate one-time passcodes that can never be reused, stolen, shared or hacked, providing your remote users a secure mechanism to protect their identity and authenticate their access. The one-time passcode is combined with a personal user PIN, providing secure two-factor authentication. Only properly authenticated users are allowed access to your critical applications and networks. SafeWord supports a wide range of one-time password authenticators including both hardware and software form factors. SafeWord also supports tokens that provide increasing levels of security by utilizing pin-pads on the tokens that can be programmed for more sophisticated authentication and security.

Protect Cardholder Data
Requirement 3: Protect stored cardholder data.

A company must protect and manage access to corporate data and mission-critical applications. SafeWord strong authentication solutions allow you to easily and cost-effectively identify your users to protect access to your trusted network resources. An ideal data protection solution will combine a firewall, access control, encryption and strong authentication. Other security measures can be rendered meaningless if user identity is compromised from the beginning. SafeWord provides a critical component in restricting and monitoring access to stored data.

Implement Strong Access Control Measures
Requirement 7: Restrict access to cardholder data by business need-to-know.

This requirement restricts access to cardholder information to only those individuals with a specific business reason. Read how Mothercare, a baby products retailer in the UK is using Secure Computing SafeWord to achieve their PCI remote access requirements.

Requirement 8: Assign a unique ID to each person with computer access.

This requirement mandates that two factor authentication must be used for remote access via VPN etc. SafeWord provides a robust two factor authentication solution that can be easily added to remote access solutions. In addition it is required that non consumer users be properly authenticated. A two factor authentication solution such as SafeWord helps secure administrative access to accounts.

Requirement 9: Restrict physical access to cardholder data.

SafeWord strong authentication ensures that each user has a unique ID which cannot be shared since the one-time passcode generated by the token is unique for every login attempt. User accounts cannot be shared, so only users that have "need to know" authorization can access the cardholder data. Additionally, since one-time passcodes cannot be guessed, hacked or stolen, the risk of unauthorized access by an unauthorized party with malicious intent is diminished significantly.

Regularly Monitor and Test Networks
Requirement 10: Track and monitor all access to network resources and cardholder data.

Auditing of network access attempts and periodic tracking of access logs is a key feature of the PCI compliance requirement. SafeWord products provide detailed reporting on all the successful and unsuccessful login attempts and resources accessed or requested. In addition it maintains an audit trail for all administrative events. An attempt to change system configuration for malicious purposes will be captured and can be traced back to the user.

Maintain an Information Security Policy
Requirement 12: Maintain a policy that addresses information security for employees and contractors.

SafeWord provides secure, centralized access-control policies for all sizes of enterprises. SafeWord integrates with and leverages policy from Microsoft Active Directory and other user management/directory systems that provide access authorization policies. SafeWord also provides a full range of access management features and functions, like user self-enrollment, granular role-based access control functions that incorporate the use of access control lists (ACLs), and a delegated and remote user management console.


Contact a PCI Sales Rep

Podcast with Ziff Davis

Webcast with IDC

Webcast with Network World

Secure PCI Blog

Products and Technologies to Meet PCI Requirements

Sidewinder
Satisfy both PCI Requirements for Network and Application firewalls with just one firewall

SnapGear
Cost effective VPN security for retail stores, franchises, or any point-of-sale deployment

SafeWord
Strong Authentication for remote and Admin access for in scope PCI systems

IronMail
Automatically discover and encrypt or block emails containing PANs based on policy

Webwasher
Prevent Phishing and other malware attacks targeting PANs and user data

TrustedSource
The world's leading Reputation security system

 
   Copyright © 2012 Secure Computing Corporation. All Rights Reserved. Home | Contact | Privacy Policy | Disclaimer | Sitemap