(Source: PRNewswire)
WALTHAM, Mass., Nov. 13 /PRNewswire/ -- Bit9, the pioneer and leader in Enterprise Application Whitelisting, is making PCI compliance easier for retailers. Bit9 Parity and Bit9 Parity for Point-of-Sale use whitelisting to help retail merchants secure payment devices, servers and self-serve kiosks in a continued focus on payment data protection in accordance with the new PCI Data Security Standard version 1.2 (PCI DSS.)
(Logo: http://www.newscom.com/cgi-bin/prnh/20080204/BIT9LOGO )
In the new PCI DSS, Requirement 5 remains focused on maintaining a vulnerability management program, including using and regularly updating antivirus software. However, it is widely acknowledged that the 20-year-old antivirus technology is struggling to keep up with the exploding universe of malware variants and targeted attacks.(1,2) Retailers and enterprises that manage sensitive payment data continue to look for simpler, more cost-effective, and more secure ways to protect their systems and meet PCI DSS Requirement 5. Increasing numbers of IT managers are finding application whitelisting to be the answer.
"Whitelisting is becoming an attractive and cost effective way for retailers to protect both customer data and their own infrastructure. Certain retailers deploy whitelisting technology and take a lock down approach to end point security," said Glenn Williamson, Corporate Security Officer for Cyberklix Inc., an approved QSA and ASV firm in North America. "Protection against known malware is currently provided, but at all times there are unknown variants that signature-based protection cannot account for. We must further protect our and our client's information and this is where we have begun to see a new market presence for whitelisting."
UK retailer Marks and Spencer selected Bit9 Parity to protect over 16,000 point of sale systems and help the company enforce the Payment Card Industry Data Security Standard. Other leading retailers using Bit9 application whitelisting to protect their systems include 7-Eleven, Ahold, Petsmart, and Ritz Camera.
Point of Sale (POS), self check out, kiosks and other retail systems pose a serious security challenge as they are often targeted by malicious hackers for their role in handling sensitive and valuable cardholder data. Yet most companies are unable to easily control what applications can and cannot run on these machines. Blacklisting technologies such as antivirus software cannot always protect against targeted, low profile malware making its way onto a system.
