Retail / Hospitality Security

Lock Down Every POS Device & Secure Customer Information with Bit9

Antivirus software cannot protect your point-of-sale, store systems and corporate endpoints from today’s sophisticated and increasingly frequent advanced threats.

Bit9 controls change and locks down your POS and store systems to protect your customers—and your organization—against potentially devastating malware and attacks. With Bit9, you get:

  • Real-time visibility into everything happening on your POS and fixed-function devices so you always know what software is running
  • Real-time signature-less detection and prevention of advanced malware, including zero-day and targeted attacks
  • Protection of customers’ credit card information—and your brand
  • A recorded history and full audit trail of all endpoint and server activity to rapidly respond to alerts and incidents, monitor compliance, identify any unexpected activity or event, and proactively improve your security and compliance posture
  • Integration with industry-leading network security solutions to understand enterprise-wide compliance risk and exposure.

Best of all, Bit9 helps you improve your security posture with less administrative effort than antivirus because there is no need for scanning, signature updates or risky holiday freezes. This frees up processing power, improves response times and enhances system performance.

Bit9 also helps you comply with the Payment Card Industry (PCI) Data Security Standard (DSS), eliminating potential noncompliance and regulatory penalties—which can range anywhere from $10,000 to $100,000 per month.

Bit9 Helps Retailers:

Improve Security – Stop Advanced Threats and Malware

  • Create policies so only the software you trust can run on your enterprise systems including POS devices, workstations, fixed-function machines and servers. Prevent everything else from running.
  • Detect advanced threats and malware that evade antivirus and other signature-based detection tools with Bit9’s real-time sensor, Advanced Threat Indicators, and cloud-based Software Reputation Service.
  • Get advanced device control for thumb drives, CDs, iPods, etc., to ban/approve these portable storage devices from reading, writing and executing at a serial number level. Prevent data leakage and unintentional or intentional direct loading of malware.
  • Consolidate your enterprise security stack and eliminate the need for and costs associated with other security software.

Lower Your Administrative Effort

  • Reduce support and IT costs by eliminating frequent patching, scanning and signatures updates required by antivirus and other signature-based detection tools.

Demonstrate Ongoing PCI DSS Compliance

  • Build intelligence around all of your file assets, including their prevalence, trust rating, and inherited vulnerabilities. Report on any asset for an audit, a pre-compliance assessment or security intelligence gathering.
  • Meet file integrity monitoring and control and audit trail rules with continuous, real-time file monitoring. Protect your critical configuration files from unauthorized changes.
  • Enforce your trust policies whether your systems are online or offline.
  • Focus only on those events that are relevant to your business and lower the cost of obtaining compliance data.

Extend the Life of Your Systems

  • Keep your operating systems in a compliant state after their end-of-life and eliminate
    • Financial penalties and brand damage associated with failed audits, data breach, or non-compliance
    • The need to upgrade to newer operating systems
    • The high costs of extended support contracts and hardware upgrades
  • For PCI compliance, deploy Bit9 as a compensating control in lieu of regular operating system patches and updates that are no longer available.

Easily implement and demonstrate ongoing compliance with many requirements of the PCI DSS standards.

Requirement Bit9 Solution

Section 2:
Systems configuration and default tracking

Bit9 helps retailers control the execution of software, ensure that systems are prevented from drifting from their desired state, track changes to system configurations and allow only approved services and software to run according to the policy established for each endpoint. This enables your organization to detect in real time what is arriving, executing and propagating in your environment so you can better protect company assets and measure compliance risk at any time.

Section 5:
Malware protection

Bit9’s real-time sensor and recorder and real-time enforcement engine stop advanced threats that evade traditional defenses including zero-day and targeted attacks.

Requirement 6:
Secure systems and applications

Bit9 enables organizations to apply real-time, proactive threat and trust measurements to the asset inventory, discover potential risky files, enforce control on the endpoints and provide immediate low-friction analysis and risk ranking of any potential file vulnerabilities discovered. Bit9 can secure the system configuration and be a compensating control to extend the life of systems that are required to run unsupported versions of operating systems.

Requirement 7 and 9:
Restrict data access

When users log into a system protected by Bit9, they are restricted to run only preapproved applications. Bit9 also can restrict access to portable storage devices containing cardholder data and ensure only authorized staff are allowed to copy cardholder data to portable storage devices.

Requirement 10:
Regularly monitor and track access

Bit9′s file-integrity control capability tracks all changes and events by users, blocks unauthorized activities and ensures that only authorized processes can write to log data files. Plus, Bit9 easily integrates with SIEM consoles to provide immediate intelligence about monitored assets and compelling security events—all from a single pane of glass.

Section 11:
Protect critical system files

Bit9 file-integrity control prevents unauthorized modification of critical system and content files while ensuring only authorized processes can write to these files. With Bit9, organizations receive analyzed data in real time so they can act immediately to guard and protect all critical systems and data.

Section 12:
Policies and procedures

Bit9′s automated reporting features provide the real-time, actionable intelligence organizations need to monitor compliance, identify any unexpected activity or event, notify end users and company personnel of updated and recent security policy changes, and proactively improve their security postures. In addition, Bit9′s compliance services provide the security awareness training needed to ensure that policies are up to date, disseminated and understood by the parties that are most affected by PCI compliance.
Video: 10 Ways to Protect Your Company From a Data Breach
Managing Retail Compliance and Security Regarding Windows XP POS End-of-life
Protect Your Store Systems and Achieve PCI Compliance with Bit9

Bit9 POS Security Assessment

POS secure against memory-scrapping? Bit9 can tell you.

Request Now

Datasheet: Security and Compliance for Windows XP

View Now

Datasheet: Protect Store Systems and Achieve PCI Compliance

View Now

Threat Advisor: The Convergence of Security and Compliance

View Now