Control Compliance Suite

Hi All,

My company is following PCI-DSS as of now all work is done manually.SInce there are close to 10 stores.

Like taking screenshots of the following by remotely logging in to the store computers.

1.Firewall

2.strong passwords

3.data encryption

4. antivirus

5. systems and applications security

6. unique user IDs

7.tracking and monitoring access

8.regular security 

Now same needs to be implemented for more than 2500 stores. We need to automate this centrally does symantec has solution for this????

Hi Samir,

CCS can scan your systems from central location and provide you report how you map to PCI-DSS requirements.

Samir,

There is not a specific "PCI standard" built in to the CCS Pre-defined content.   Since the PCI 3.1 DSS standard has many procedural checks you can only cover a portion of the PCI DSS Standard with the CCS Standards Manager.  With regard to Vladx's statement above, you can take your current standard and run a "Mandate report" to see how that standard maps to the PCI DSS standard.    If you need a specific "PCI" standard, then you would need to build that based on your security policies.   CCS Can help out in providing the information for your Report on Compliance (ROC), but the Standards Manager portion will only provide information for technical checks.   If you combine the CCS Assessment Manager, then  you can get closer to having a comprehensive solution.

@cmccoy2 - To run the 'Mandate report" do you have to be licensed for and currently using Policy Manager?  Related to this, is the Controls Studio gui only useful if licensed/using Policy Manager?

You do not need license for Policy Manager in order to run Mandate report. What you need to do is to enable PCI-DSS mandate in the Controls Studio gui in order for mappings to work and reports to be produced.