Were you to have been asked that question some years ago, the answer most likely would have bee “I’m not sure”....
PCI-DSS Compliance with CSP PassPort®
Authentication and authorization on NonStop systems require a complex arrangement of basic Guardian file permissions, Safeguard globals and optional object ACLs. All of these elements provide control over who can do what to an object.
CSP PassPort® is a comprehensive security solution for controlling and auditing user access to HPE NonStop systems. It provides comprehensive user and command control, password quality enforcement, and full session auditing for NonStop systems.
CSP PassPort complements Safeguard by providing additional security features and greatly expands the Guardian security package for systems without Safeguard.
Manage PCI-DSS Compliance Requirements
CSP PassPort provides important security features for NonStop servers with or without Safeguard. While Safeguard provides a range of authorization and authentication controls, additional controls are required to manage how users logon to TACL and/or OSH, and what privileged commands can then be used. At the same time, once logged on, it is critical to control what activities may then be carried out.
CSP PassPort addresses some of the following PCI-DSS requirements:
- Requirement 7 – Restrict access to cardholder data by business need-to-know
- Requirement 8 – Identify and authenticate access to system components
- Requirement 10 – Track and monitor all access to network resources and cardholder data
- Requirement 12 – Maintain a policy that addresses information security for all personnel
Designed for NonStop Command Control
CSP PassPort provides comprehensive user and command control, password quality enforcement and auditing. It controls and filters user access to systems, programs and commands according to customized user profiles.
All user terminal input/output operations (including OSS) can be monitored via an easy-to-use GUI interface, while an audit process records all user activities.
- Limit user access to sensitive assets, programs and commands
- Improve user accountability and audit activities
- Track powerful user id’s and commands
- Prevent easy hacks by enforcing Password Quality
- Eliminate the need to disclose sensitive SUPERID passwords for executing commands
- Generate extensive reports of user activities
- Get real-time notifications with Alert-Plus, and forward logs to SIEM for analysis
- Monitor and audit user sessions down to keystroke level
- Role-based user access
- Time restrictions by command and program
- User Authentication SEEP to prevent users from logging on outside CSP PassPort
- Powerful Custom Reporting
- Control client connections by IP address or IP address ranges
- Multi-factor authentication support (coming soon!)
Learn more about CSP PassPort here
CSP – Compliance at your Fingertips™
For complimentary access to CSP-Wiki®, an extensive repository of NonStop security knowledge and best practices, please visit wiki.cspsecurity.com
We Built the Wiki for NonStop Security ®
The CSP Team
+1(905) 568 – 8900