News Feed Item

Tempered Networks Enables Enterprises to Achieve PCI DSS Compliance Standards with Identity-Based PCI Micro-segmentation

Solution frees up PCI personnel by over 60 percent on average, while fortifying enterprises' security posture; Coalfire Systems to execute PCI lab testing and validation

SEATTLE, WA -- (Marketwired) -- 06/19/17 -- Tempered Networks, Inc. today announced that the new release of its Identity-Defined Networking (IDN) platform provides a unified PCI security architecture for enterprise and government organizations. The latest IDN platform release removes PCI systems and assets from scope through cloaking, micro-perimeter segmentation, machine authentication and authorization, and end-to-end encryption. These, and other controls, support Payment Card Industry Data Security Standard (PCI DSS) compliance requirements. The company also announced that it has partnered with Coalfire Systems, a qualified security assessor, to test and validate Tempered Networks' identity-based PCI micro-segmentation capabilities. A comprehensive report from Coalfire will be published by July 2017.

"A PCI compliant environment does not mean your network and assets are immune from attack, especially east-west lateral movement, which is why we continue to witness so many hacks of PCI compliant networks," said Erik Giesa, VP of Products at Tempered Networks. "Hacks against healthcare organizations alone have increased by 63% in 2016, according to a recent TrapX report. These organizations are still relying on IP address-defined policies that are subject to spoofing. Instead, our approach unifies PCI compliance with security, giving customers the best of both worlds. By using cryptographic machine identities for enforcement, local and wide area micro-segmentation easily removes systems from PCI scope, while cloaking PCI segments from bad actors. This capability is also ideal for achieving HIPAA and NIST Cyber Security Framework (CSF) compliance."

PCI compliance is essential to any organization that processes, stores, and transports payment card data. PCI DSS has strict guidelines that must be satisfied before any systems can be deployed. Tempered Networks' IDN platform helps organizations meet these stringent requirements through local and wide-area PCI micro-segmentation, providing a level of isolation and containment previously unattainable. The IDN platform enables organizations to fulfill specific PCI requirements in the following ways.

PCI machine authentication, authorization, and whitelist orchestration. PCI-DSS requirements have been written with traditional networking and security technologies in mind. Because firewalls, VPNs, and other access control technologies base their segmentation policies on spoofable IP addresses and VLANs which can be traversed, traditional segmentation is not only permeable but error-prone. With Tempered Networks' IDN software, access controls and policy enforcement are based on a machine's provable cryptographic identity. Every PCI machine authenticates and authorizes to other authorized machines before data transport can be established based on a machine whitelist. The machines then encrypt all data in motion creating an unbreakable local as well as wide-area network overlay.

Simple and centralized PCI orchestration. With new Smart Device Group capability, administrators can easily create pre-defined group policies for specific IDN PCI overlays. Only machine authenticated and authorized hosts can communicate within an encrypted IDN overlay. Using Smart Device Groups, automatically adding PCI resources to specific segments is simple, consistent, and predictable. The IDN solution's centralized orchestration engine, The Conductor, and its secure RESTful API makes PCI orchestration seamless and easy.

PCI-compliant controls and policy assurance. New PCI reporting capabilities created by the IDN solution help administrators ensure they have the proper controls and policies in place. To address policy guidelines for chain-of-custody requirements, the IDN solution ensures that only authorized administrative staff can access audit logs, which can be downloaded on demand by PCI auditors in an automated fashion.

Identity-based PCI micro-segmentation. Within the IDN fabric, the security and networking perimeter can easily be moved from the network edge to the PCI machines or hosts, creating hardened yet flexible secure micro-perimeters--without modifying existing infrastructure. Requirements for securing data-in-motion are addressed, since all whitelisted devices and associated traffic are automatically secured within PCI micro-segments using machine-to-machine AES-256 encryption. This capability supports PCI DSS v3.2 requirements across the LAN and WAN.

Reduce time spent on PCI audits. The IDN solution was designed with a manageability-first mindset, making ease-of-use through its intuitive orchestration engine a top priority. Because of this design principle, meeting PCI audit requirements is much simpler for IT personnel. Specifically, secure transport of logs, auditability of access to the system, traffic filtering, and audit reporting of system configuration changes, is easy using The Conductor and its new PCI reporting capabilities. Customers can reduce IT personnel time spent on PCI audits by 60 percent, on average.

"With Marcum's PCI practice, we pride ourselves on not only helping customers achieve PCI compliance, but also focus on ways to improve their overall security posture while saving time and money in the process," said Ted Carlson, President, Marcum Technology. "That's why we've partnered with Tempered Networks and we're excited about their new PCI compliance support. Not only does Tempered dramatically improve an organization's security posture with unique capabilities like wide area micro-segmentation and cloaking, but the simplicity of their solution can reduce PCI personnel time by as much as 62 percent."

Related Resources

The new release of Tempered Networks' IDN platform is available now. PCI enforcement and reporting are included in the platform at no additional cost. The Coalfire Systems lab validation report will be available by Q2 2017. Please contact your preferred reseller for more information or contact [email protected].

About Tempered Networks
Tempered Networks is the pioneer of Identity-Defined Networking (IDN), driving a new identity paradigm that basis trust on the host identity itself, not a spoofable IP address. Our IDN architecture unifies networking and security to overcome today's complex and inherently vulnerable networks. We provide the industry's most extensible networking overlay fabric, with automated policy-based orchestration, making it simple to instantly connect or disconnect any IP resource with another, located anywhere in the world -- on-premises, virtual or cloud. With IDN, local and wide-area micro-segmentation is now achievable and simple. It leverages your existing infrastructure, while eliminating future expenses on unecessary point networking and security products. For more information, visit www.temperednetworks.com.

You can also follow us @TemperedNW on Twitter or visit us on LinkedIn for more information about Tempered Networks and our technology.

Forward-looking statements. Certain statements contained in this press release may constitute forward-looking statements. Such statements include, for example, statements regarding the Company's or management's beliefs, expectations, estimations, plans, projections and similar statements. Any such forward-looking statements involve risks, uncertainties and other factors that may cause the Company's actual results and performance, or industry results to be materially different from any results or performance expressed or implied by such forward-looking statements. These forward-looking statements speak only as of the date of this press release and there can be no assurance that the results and events contemplated by such forward-looking statements will, in fact, occur. The Company expressly disclaims any obligation or undertaking to release any updates or revisions to any forward-looking statement contained herein.

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
SYS-CON Events announced today that Evatronix will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Evatronix SA offers comprehensive solutions in the design and implementation of electronic systems, in CAD / CAM deployment, and also is a designer and manufacturer of advanced 3D scanners for professional applications.
SYS-CON Events announced today that Synametrics Technologies will exhibit at SYS-CON's 22nd International Cloud Expo®, which will take place on June 5-7, 2018, at the Javits Center in New York, NY. Synametrics Technologies is a privately held company based in Plainsboro, New Jersey that has been providing solutions for the developer community since 1997. Based on the success of its initial product offerings such as WinSQL, Xeams, SynaMan and Syncrify, Synametrics continues to create and hone inn...
To get the most out of their data, successful companies are not focusing on queries and data lakes, they are actively integrating analytics into their operations with a data-first application development approach. Real-time adjustments to improve revenues, reduce costs, or mitigate risk rely on applications that minimize latency on a variety of data sources. In his session at @BigDataExpo, Jack Norris, Senior Vice President, Data and Applications at MapR Technologies, reviewed best practices to ...
DevOps promotes continuous improvement through a culture of collaboration. But in real terms, how do you: Integrate activities across diverse teams and services? Make objective decisions with system-wide visibility? Use feedback loops to enable learning and improvement? With technology insights and real-world examples, in his general session at @DevOpsSummit, at 21st Cloud Expo, Andi Mann, Chief Technology Advocate at Splunk, explored how leading organizations use data-driven DevOps to close th...
"Digital transformation - what we knew about it in the past has been redefined. Automation is going to play such a huge role in that because the culture, the technology, and the business operations are being shifted now," stated Brian Boeggeman, VP of Alliances & Partnerships at Ayehu, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
The past few years have brought a sea change in the way applications are architected, developed, and consumed—increasing both the complexity of testing and the business impact of software failures. How can software testing professionals keep pace with modern application delivery, given the trends that impact both architectures (cloud, microservices, and APIs) and processes (DevOps, agile, and continuous delivery)? This is where continuous testing comes in. D
"Evatronix provides design services to companies that need to integrate the IoT technology in their products but they don't necessarily have the expertise, knowledge and design team to do so," explained Adam Morawiec, VP of Business Development at Evatronix, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"WineSOFT is a software company making proxy server software, which is widely used in the telecommunication industry or the content delivery networks or e-commerce," explained Jonathan Ahn, COO of WineSOFT, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Smart cities have the potential to change our lives at so many levels for citizens: less pollution, reduced parking obstacles, better health, education and more energy savings. Real-time data streaming and the Internet of Things (IoT) possess the power to turn this vision into a reality. However, most organizations today are building their data infrastructure to focus solely on addressing immediate business needs vs. a platform capable of quickly adapting emerging technologies to address future ...
Mobile device usage has increased exponentially during the past several years, as consumers rely on handhelds for everything from news and weather to banking and purchases. What can we expect in the next few years? The way in which we interact with our devices will fundamentally change, as businesses leverage Artificial Intelligence. We already see this taking shape as businesses leverage AI for cost savings and customer responsiveness. This trend will continue, as AI is used for more sophistica...
There is a huge demand for responsive, real-time mobile and web experiences, but current architectural patterns do not easily accommodate applications that respond to events in real time. Common solutions using message queues or HTTP long-polling quickly lead to resiliency, scalability and development velocity challenges. In his session at 21st Cloud Expo, Ryland Degnan, a Senior Software Engineer on the Netflix Edge Platform team, will discuss how by leveraging a reactive stream-based protocol,...
In his Opening Keynote at 21st Cloud Expo, John Considine, General Manager of IBM Cloud Infrastructure, led attendees through the exciting evolution of the cloud. He looked at this major disruption from the perspective of technology, business models, and what this means for enterprises of all sizes. John Considine is General Manager of Cloud Infrastructure Services at IBM. In that role he is responsible for leading IBM’s public cloud infrastructure including strategy, development, and offering m...
Sanjeev Sharma Joins June 5-7, 2018 @DevOpsSummit at @Cloud Expo New York Faculty. Sanjeev Sharma is an internationally known DevOps and Cloud Transformation thought leader, technology executive, and author. Sanjeev's industry experience includes tenures as CTO, Technical Sales leader, and Cloud Architect leader. As an IBM Distinguished Engineer, Sanjeev is recognized at the highest levels of IBM's core of technical leaders.
Product connectivity goes hand and hand these days with increased use of personal data. New IoT devices are becoming more personalized than ever before. In his session at 22nd Cloud Expo | DXWorld Expo, Nicolas Fierro, CEO of MIMIR Blockchain Solutions, will discuss how in order to protect your data and privacy, IoT applications need to embrace Blockchain technology for a new level of product security never before seen - or needed.
The 22nd International Cloud Expo | 1st DXWorld Expo has announced that its Call for Papers is open. Cloud Expo | DXWorld Expo, to be held June 5-7, 2018, at the Javits Center in New York, NY, brings together Cloud Computing, Digital Transformation, Big Data, Internet of Things, DevOps, Machine Learning and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding busin...