Case #7: Entertainment company loses credit cards over wireless
Business Problem: This well-known entertainment company
experienced a credit card breach through a wireless access
point. The company was self-attesting for PCI and thought it
was secure. A staff position was eliminated and a new team
was formed.
Timeframe: Six months
Budget: $1.3M
Biggest Project Risk: Once hackers breached the network and
stole thousands of credit cards, the entire environment was
considered "contaminated," as we were uncertain whether servers
had been tampered with, malware had been installed, or any
"back-door" processes were in place.
Business Solution:
After the forensics team wrapped up the investigation, it was
time to rebuild the entire infrastructure to prevent this
situation from happening again. The rebuild covered the entire
network, the POS systems at every location, two data centers,
and a new IT Security infrastructure. A new PCI-compliant POS
software system was installed to protect cardholder data during
transmission for processing, and new firewalls, switches, and
routers with IDS were purchased to harden the network.
Each location had 15 VLANs to isolate other business processes
from credit card network traffic, with additional VLANs in each
data center to isolate credit card data at rest and processing
servers. All credit card traffic was encrypted from the POS
systems all the way to the credit card processor. The network
was set up to prepare for a future breach in which network
sniffers and/or malware are used to intercept credit card
traffic. All credit card traffic and storage was encrypted to
protect against internal and external threats. At each
location, a new public Wi-Fi connection existed for customers,
but with no access to the corporate network. Employees at each
location were required to turn off Wi-Fi on a daily basis as a
safeguard. New monitoring software enabled IT Security to
proactively receive alerts about tampering, changes, and
modifications on systems.
Business Results: The project delivered many benefits that
improved the company in many ways. Many of the new system
components reduced work and resources so much that some of the
team members left the company and their positions were not
back-filled. In addition, the company was more streamlined,
operated more efficiently by being able to deploy new
applications quicker and with greater ease, and had better
business intelligence and reporting visibility into the POS
systems for revenue captures. All the logging and monitoring
tools used to protect the cardholder environment were also used
to reduce downtime, since system outages could be identified
much more quickly and the logs provided details of difficult
problems, which shortened troubleshooting time. Lastly, the
company had been experiencing undocumented changes that would
cause outages, but with file integrity monitoring in use,
unauthorized changes were being proactively detected and
prevented.
2012 ConnectTech, LLC All rights reserved