Seeking Alpha

kim4solidcore » Comments |

Sort by:
Latest | Highest rated
  • Visa Puts Heartland on Probation Over Security Breach [View article]
    What is really apparent is that all participants need to evaluate their relationships with any service provider in this 4-party system. "In accordance with Visa Operating Regulations, fines will be assessed to Heartland’s sponsoring banks. Such fines are part of the program Visa uses to assure compliance with system rules" Vendor Management and assessment of security will become even more critical as part of the rebuilding of trust in our financial institutions. Look to real-time tools that can assess the operations of the providers and prove that they are robust and strong enough to provide the security to actually protect and exceed the PCI-DSS standards. Test and evaluate security by asking how the provider can deliver dynamic reports of the changes any individual made in the last 24 hours to any system? Is there an alert mechanism if any system level object changed that was outside of a maintenance window or deemed to be unauthorized? Is there a lag between identifying change and the actual event - what is the maximum exposure. File Integrity Monitoring alone does not bring the enforcement and security this industry needs request a demo of how unauthorized changes can actually be blocked not just monitored - look for more when performing vendor assessments your business diligence now requires this level of proof if you are to share the burden of fines for compromise. solidcore.com
    Mar 13 18:51 pm |Rating: +1 0 |Link to Comment
  • Heartland Payment Systems, Q4 2008 Earnings Call Transcript [View article]
    Was Heartland a victim or just negligent? In today's age of multi-tasking and doing more with less it is critical to not only have the ability to provide integrity monitoring but also enforce and or deny changes that are out of policy. Until more details are disclosed it's hard to answer this question. High risk critical datacenter operations need to look at this as a wake up call and ask if there is a better way to control and assess their environments differently.

    As we are all asking for more visibility to the nations financial institutions we're tired of just watching on the sidelines. Watching is not enough - being able to provide 100% system integrity is the only way to move forward. solidcore.com
    Feb 27 18:31 pm |Rating: 0 0 |Link to Comment
Comments by Ticker
kim4solidcore's
Comments Stats
2 comments
Rating: 1 (1 is - 0 )