AAA: Getting Roadside Assistance from Tripwire

THE AAA JOURNEY OF IMPROVING CONFIGURATION MANAGEMENT…AND BEYOND

Upload: tripwire

Post on 13-Jun-2015

DESCRIPTION

Tim Masey, Director of Enterprise Information Security at AAA, shared his company’s PCI journey, beginning with a small implementation of Tripwire, then running into roadblocks from management over the expansion of products, and eventually moving forward with the implementation of Tripwire’s policy-driven dashboards, rules and tasks for over 500 servers. In this Q&A-style webcast he presented on:

- How to move your PCI efforts from a small tactical implementation to a key critical component of your security posture
- How to align your compliance efforts with the needs of the business, which will allow you to gain more resources: financial, technical, and human
- How to utilize security and policy-driven dashboards to get your management’s support

The recorded webcast that accompanies this slide deck is available here: http://www.tripwire.com/register/aaa-getting-roadside-assistance-from-tripwire/

TRANSCRIPT

Page 1: AAA: Getting Roadside Assistance from Tripwire

AAA: Getting Roadside Assistance from Tripwire

THE AAA JOURNEY OF IMPROVING CONFIGURATION MANAGEMENT…AND BEYOND

Page 3

About Your Presenters

Tim Masey Director of Information Security AAA

Cindy Valladares (@cindyv) PCI Specialist at Tripwire

Author of The State of Security blog: http://www.tripwire.com/blog

#pciwebcast

Page 4

Beginnings

• Tim Masey – Director of Information Security, CISSP
• Started at AAA in 2007 as Information Security Consultant
• Promoted in 2010 to Director
• In Security & Infrastructure for over 20 years
• Started using Tripwire as open source in 2002
• AAA had Enterprise v5 installed and a handful of agents
• This is where our story begins…

Who am I and what am I doing?

Page 5

AAA – Who are we?

AAA – Auto Club Group (2nd largest group in AAA federation)

RoadSide Assistance (this winter it was really needed)

Travel Services – to get away from the really bad winter to somewhere like Cancun

Insurance – Auto, Home, Boat, Motorcycle

AAA Banking & Financial Services

Member services – Show your card and save

11 States & Puerto Rico

9 million members, 8000 employees

Approximately 500 servers

Over 100 years old - our mission is to service our members on their journey (pun intended)

Page 6

The Tripwire Journey

AAA had small implementation of Tripwire, but big Compliance issues in 2007

Multiple compliance pressures

Started with small shared Windows Enterprise Console & 10 agents

No administrators, no one watching real changes in the environment

Had change management, but lacked communication & coordination

We really did not know what was changing

Had to make a turn in our Journey

Start small, end big, but have patience!

Page 7

The Need for Better Security

From Compliance to Security

Unplanned work previously not identified

As the rollout of agents continued, unplanned work began having visibility.

Tracking of changes meant identification & reporting on security incidents

Continuous monitoring means again more visibility, which equates to better preventive measures against attacks

Acquiring bank getting restless

Page 8

Evaluating Solutions

Existing Products

Evaluated existing products for configuration changes, alerting and reporting

Benefit of being entrenched products

No additional technology costs

Difficult to do simple change management and reporting

Product not best suited for our needs

Every journey has a route

Page 9

Choosing The Right Solution

Tripwire Solutions

Reviewed Tripwire Enterprise (v5)

Demonstrated benefits to management

Management resistant due to commitment to get other product working

Began stealthily and demonstrated superior capabilities

Tripwire valuable for security & compliance purposes

Tripwire security professionals provided advice and guidance

Tripwire understood our needs and had genuine interest in improving AAA security

Tripwire was found to be the better and right solution for AAA

A smooth route

Page 10

Fast Track To Today’s Journey

Dedicated staff!

Correlate change events with change management

Policy driven dashboards – high level and drill down reporting

Rules & tasks for over 500 servers (including ESX hosts)

Some real time monitoring for critical systems

The journey keeps moving forward

Page 11

How did AAA benefit?

Visibility into configuration events not seen before

Improved security monitoring – who did what, when and why

PCI compliance – Level 2 merchant

Avoided additional fees – AAA does 6M transactions

File integrity management

Monitoring for changes

Benefits to Finance & Cash Management

Insurance Compliance (SOX lite)

Bank reporting requirements – FFIEC

Keeping auditors happy

ESX – critical to monitor due to “easy” changes

Patience pays off

Page 12

Continuing the Journey

Automation of change management

Connect Tripwire to our change management platforms

More real-time monitoring

Capture and correlate events in SIEM

Improve security standards with exact measurements

Extending dashboards and reports to more folks in the organization

Continue the journey to improve and enhance security

Knowing where you’ve been is key to knowing where you are going

Page 13

LESSEN THE QSA’S BURDEN, AND YOU EASE YOUR OWN

How Tripwire Can Help

Page 14

Tripwire Addresses 11 of the 12 PCI DSS Requirements

All Except Req 9 – Restrict Physical Access to Cardholder Data

Risk-Based Security and Compliance

• Vulnerability Management
• Log Intelligence
• Security Configuration Management
• Reporting and Analytics

Page 15

Key PCI Resources

Get Started Now

Infographic: http://www.tripwire.com/state-of-security/regulatory-compliance/pci-dss-3-0-whats-new-infographic/

Solution Information: http://www.tripwire.com/regulatory-compliance/pci-dss-compliance/

Market Research: http://www.tripwire.com/ponemon/2013/

PCI DSS 3.0: https://www.pcisecuritystandards.org/security_standards/documents.php

Webcast Series: http://www.tripwire.com/it-resources/category/type/webcast-archived/#resource-type/

PCI Scoping Toolkit: http://itrevolution.com/pci-scoping-toolkit/

Page 16

tripwire.com | @TripwireInc

TIM MASEY

[email protected]

CINDY VALLADARES

[email protected]

@CINDYV

THANK YOU