Welcome!

News Feed Item

Tempered Networks Enables Enterprises to Achieve PCI DSS Compliance Standards with Identity-Based PCI Micro-segmentation

Solution frees up PCI personnel by over 60 percent on average, while fortifying enterprises' security posture; Coalfire Systems to execute PCI lab testing and validation

SEATTLE, WA -- (Marketwired) -- 06/19/17 -- Tempered Networks, Inc. today announced that the new release of its Identity-Defined Networking (IDN) platform provides a unified PCI security architecture for enterprise and government organizations. The latest IDN platform release removes PCI systems and assets from scope through cloaking, micro-perimeter segmentation, machine authentication and authorization, and end-to-end encryption. These, and other controls, support Payment Card Industry Data Security Standard (PCI DSS) compliance requirements. The company also announced that it has partnered with Coalfire Systems, a qualified security assessor, to test and validate Tempered Networks' identity-based PCI micro-segmentation capabilities. A comprehensive report from Coalfire will be published by July 2017.

"A PCI compliant environment does not mean your network and assets are immune from attack, especially east-west lateral movement, which is why we continue to witness so many hacks of PCI compliant networks," said Erik Giesa, VP of Products at Tempered Networks. "Hacks against healthcare organizations alone have increased by 63% in 2016, according to a recent TrapX report. These organizations are still relying on IP address-defined policies that are subject to spoofing. Instead, our approach unifies PCI compliance with security, giving customers the best of both worlds. By using cryptographic machine identities for enforcement, local and wide area micro-segmentation easily removes systems from PCI scope, while cloaking PCI segments from bad actors. This capability is also ideal for achieving HIPAA and NIST Cyber Security Framework (CSF) compliance."

PCI compliance is essential to any organization that processes, stores, and transports payment card data. PCI DSS has strict guidelines that must be satisfied before any systems can be deployed. Tempered Networks' IDN platform helps organizations meet these stringent requirements through local and wide-area PCI micro-segmentation, providing a level of isolation and containment previously unattainable. The IDN platform enables organizations to fulfill specific PCI requirements in the following ways.

PCI machine authentication, authorization, and whitelist orchestration. PCI-DSS requirements have been written with traditional networking and security technologies in mind. Because firewalls, VPNs, and other access control technologies base their segmentation policies on spoofable IP addresses and VLANs which can be traversed, traditional segmentation is not only permeable but error-prone. With Tempered Networks' IDN software, access controls and policy enforcement are based on a machine's provable cryptographic identity. Every PCI machine authenticates and authorizes to other authorized machines before data transport can be established based on a machine whitelist. The machines then encrypt all data in motion creating an unbreakable local as well as wide-area network overlay.

Simple and centralized PCI orchestration. With new Smart Device Group capability, administrators can easily create pre-defined group policies for specific IDN PCI overlays. Only machine authenticated and authorized hosts can communicate within an encrypted IDN overlay. Using Smart Device Groups, automatically adding PCI resources to specific segments is simple, consistent, and predictable. The IDN solution's centralized orchestration engine, The Conductor, and its secure RESTful API makes PCI orchestration seamless and easy.

PCI-compliant controls and policy assurance. New PCI reporting capabilities created by the IDN solution help administrators ensure they have the proper controls and policies in place. To address policy guidelines for chain-of-custody requirements, the IDN solution ensures that only authorized administrative staff can access audit logs, which can be downloaded on demand by PCI auditors in an automated fashion.

Identity-based PCI micro-segmentation. Within the IDN fabric, the security and networking perimeter can easily be moved from the network edge to the PCI machines or hosts, creating hardened yet flexible secure micro-perimeters--without modifying existing infrastructure. Requirements for securing data-in-motion are addressed, since all whitelisted devices and associated traffic are automatically secured within PCI micro-segments using machine-to-machine AES-256 encryption. This capability supports PCI DSS v3.2 requirements across the LAN and WAN.

Reduce time spent on PCI audits. The IDN solution was designed with a manageability-first mindset, making ease-of-use through its intuitive orchestration engine a top priority. Because of this design principle, meeting PCI audit requirements is much simpler for IT personnel. Specifically, secure transport of logs, auditability of access to the system, traffic filtering, and audit reporting of system configuration changes, is easy using The Conductor and its new PCI reporting capabilities. Customers can reduce IT personnel time spent on PCI audits by 60 percent, on average.

"With Marcum's PCI practice, we pride ourselves on not only helping customers achieve PCI compliance, but also focus on ways to improve their overall security posture while saving time and money in the process," said Ted Carlson, President, Marcum Technology. "That's why we've partnered with Tempered Networks and we're excited about their new PCI compliance support. Not only does Tempered dramatically improve an organization's security posture with unique capabilities like wide area micro-segmentation and cloaking, but the simplicity of their solution can reduce PCI personnel time by as much as 62 percent."

Related Resources

Availability
The new release of Tempered Networks' IDN platform is available now. PCI enforcement and reporting are included in the platform at no additional cost. The Coalfire Systems lab validation report will be available by Q2 2017. Please contact your preferred reseller for more information or contact [email protected].

About Tempered Networks
Tempered Networks is the pioneer of Identity-Defined Networking (IDN), driving a new identity paradigm that basis trust on the host identity itself, not a spoofable IP address. Our IDN architecture unifies networking and security to overcome today's complex and inherently vulnerable networks. We provide the industry's most extensible networking overlay fabric, with automated policy-based orchestration, making it simple to instantly connect or disconnect any IP resource with another, located anywhere in the world -- on-premises, virtual or cloud. With IDN, local and wide-area micro-segmentation is now achievable and simple. It leverages your existing infrastructure, while eliminating future expenses on unecessary point networking and security products. For more information, visit www.temperednetworks.com.

You can also follow us @TemperedNW on Twitter or visit us on LinkedIn for more information about Tempered Networks and our technology.

Forward-looking statements. Certain statements contained in this press release may constitute forward-looking statements. Such statements include, for example, statements regarding the Company's or management's beliefs, expectations, estimations, plans, projections and similar statements. Any such forward-looking statements involve risks, uncertainties and other factors that may cause the Company's actual results and performance, or industry results to be materially different from any results or performance expressed or implied by such forward-looking statements. These forward-looking statements speak only as of the date of this press release and there can be no assurance that the results and events contemplated by such forward-looking statements will, in fact, occur. The Company expressly disclaims any obligation or undertaking to release any updates or revisions to any forward-looking statement contained herein.

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
Automation is enabling enterprises to design, deploy, and manage more complex, hybrid cloud environments. Yet the people who manage these environments must be trained in and understanding these environments better than ever before. A new era of analytics and cognitive computing is adding intelligence, but also more complexity, to these cloud environments. How smart is your cloud? How smart should it be? In this power panel at 20th Cloud Expo, moderated by Conference Chair Roger Strukhoff, pane...
@DevOpsSummit at Cloud Expo taking place Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center, Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is ...
New competitors, disruptive technologies, and growing expectations are pushing every business to both adopt and deliver new digital services. This ‘Digital Transformation’ demands rapid delivery and continuous iteration of new competitive services via multiple channels, which in turn demands new service delivery techniques – including DevOps. In this power panel at @DevOpsSummit 20th Cloud Expo, moderated by DevOps Conference Co-Chair Andi Mann, panelists examined how DevOps helps to meet the de...
No hype cycles or predictions of zillions of things here. IoT is big. You get it. You know your business and have great ideas for a business transformation strategy. What comes next? Time to make it happen. In his session at @ThingsExpo, Jay Mason, Associate Partner at M&S Consulting, presented a step-by-step plan to develop your technology implementation strategy. He discussed the evaluation of communication standards and IoT messaging protocols, data analytics considerations, edge-to-cloud tec...
When growing capacity and power in the data center, the architectural trade-offs between server scale-up vs. scale-out continue to be debated. Both approaches are valid: scale-out adds multiple, smaller servers running in a distributed computing model, while scale-up adds fewer, more powerful servers that are capable of running larger workloads. It’s worth noting that there are additional, unique advantages that scale-up architectures offer. One big advantage is large memory and compute capacity...
In 2014, Amazon announced a new form of compute called Lambda. We didn't know it at the time, but this represented a fundamental shift in what we expect from cloud computing. Now, all of the major cloud computing vendors want to take part in this disruptive technology. In his session at 20th Cloud Expo, Doug Vanderweide, an instructor at Linux Academy, discussed why major players like AWS, Microsoft Azure, IBM Bluemix, and Google Cloud Platform are all trying to sidestep VMs and containers wit...
What's the role of an IT self-service portal when you get to continuous delivery and Infrastructure as Code? This general session showed how to create the continuous delivery culture and eight accelerators for leading the change. Don Demcsak is a DevOps and Cloud Native Modernization Principal for Dell EMC based out of New Jersey. He is a former, long time, Microsoft Most Valuable Professional, specializing in building and architecting Application Delivery Pipelines for hybrid legacy, and cloud ...
Amazon started as an online bookseller 20 years ago. Since then, it has evolved into a technology juggernaut that has disrupted multiple markets and industries and touches many aspects of our lives. It is a relentless technology and business model innovator driving disruption throughout numerous ecosystems. Amazon’s AWS revenues alone are approaching $16B a year making it one of the largest IT companies in the world. With dominant offerings in Cloud, IoT, eCommerce, Big Data, AI, Digital Assista...
SYS-CON Events announced today that CA Technologies has been named "Platinum Sponsor" of SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CA Technologies helps customers succeed in a future where every business - from apparel to energy - is being rewritten by software. From planning to development to management to security, CA creates software that fuels transformation for companies in the applic...
Artificial intelligence, machine learning, neural networks. We’re in the midst of a wave of excitement around AI such as hasn’t been seen for a few decades. But those previous periods of inflated expectations led to troughs of disappointment. Will this time be different? Most likely. Applications of AI such as predictive analytics are already decreasing costs and improving reliability of industrial machinery. Furthermore, the funding and research going into AI now comes from a wide range of com...
Multiple data types are pouring into IoT deployments. Data is coming in small packages as well as enormous files and data streams of many sizes. Widespread use of mobile devices adds to the total. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists looked at the tools and environments that are being put to use in IoT deployments, as well as the team skills a modern enterprise IT shop needs to keep things running, get a handle on all this data, and deliver...
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devic...
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
SYS-CON Events announced today that Cloud Academy named "Bronze Sponsor" of 21st International Cloud Expo which will take place October 31 - November 2, 2017 at the Santa Clara Convention Center in Santa Clara, CA. Cloud Academy is the industry’s most innovative, vendor-neutral cloud technology training platform. Cloud Academy provides continuous learning solutions for individuals and enterprise teams for Amazon Web Services, Microsoft Azure, Google Cloud Platform, and the most popular cloud com...