CSP Addresses Compliance and Security Vulnerabilities with New Solutions
NonStop systems have captured sensitive information for as long as they have been deployed. Since the PCI DSS standard emerged, its goal has always been to protect card holder’s data to ensure the information is not compromised.CSP has been at the forefront of security for NonStop users, delivering industry-leading solutions that ensure organizations remain compliant and adhere to PCI DSS standards.
Standards, mandates, and directives may not be universally adhered to across all regions. However, organizations must ensure that the sensitive information captured by NonStop applications will not be compromised as long as the appropriate security tools are in place.
There were many headlines in 2022 that drew a lot of industry attention to the topic of security, particularly to the presence of Ransomware and the resultant need to know all about who is accessing your systems and applications.
Increasingly, this has spotlighted the need to pursue greater protections, with many different security models being discussed. Perhaps the most discussed approach is Zero Trust. For CSP, this isn’t surprising to see as it has become a cornerstone of CSP development for some time, and the response from the NonStop community has been positive.
CSP is not alone in emphasizing the importance of implementing a zero-trust model. Discover Europe 2022 was recently held in Frankfurt, and HPE addressed its approach to Zero Trust Security. “Essentially, the Zero Trust security model replaces faith in the integrity of secure network perimeters (such as private networks, firewalls, and VPN/VPC) with that of the individual software systems that manage critical data,” is how HPE defines Zero Trust.
“HPE has recognized that, for customers and partners to deliver a robust and agile Zero Trust security solution for their most critical data systems, trust must be built into everything they use—from the silicon that runs the software to the software itself.
Understanding the increasingly complex security challenges facing the NonStop platform is none more topical than protecting applications and data from attacks by maleficent operators. “From our observations, organizations can achieve more by applying a zero-trust model when it comes to authentication,” said Henry Fonseca, CSP’s General Manager. Applying a Zero Trust model means authenticating anyone who accesses your networks to ensure they are authorized to access specific domains.
While HPE addressed the subject of Zero Trust in Frankfurt, it was only a few weeks earlier that the NonStop community gathered for NonStop Technical Boot Camp 2022. That allowed CSP to present its approach to implementing Zero Trust to an audience of members of the NonStop community. “What stood out for me was that given how this was the first in-person Boot Camp in quite some time,” said Fonseca. “It further reinforced how the NonStop community was no longer immune from security attacks, including those intending on holding enterprises to ransom.”
A typical zero-trust model for NonStop systems might include validating identity, aligning appropriate access management, and implementing technologies such as multi-factor authentication. To this end, CSP provides CSP Authenticator+®. “The new CSP Authenticator+ cloud-native application was developed using a modern cloud-based framework,” said Henry. “This redesign focuses on providing security, flexibility, and scalability. It will prove beneficial for ensuring multi-factor authentication, given that the new cloud-native application supports high availability, Kubernetes deployments, and additional features”.
In developing security solutions for the NonStop community, two factors remain essential for NonStop users – costs and completeness. “Our suite of products addresses a wide range of security and compliance requirements, including compliance reporting, file monitoring, user access management, session control, vulnerability scanning, multi-factor authentication, and more,” said Peter Mehta, CSP’s Head of Sales. “Regarding costs, it is all about delivering value to customers. And in this regard, we are better priced than our largest competitor while providing a superior product and excellent customer service”.
Introducing CSP Vulnerability Scanner
CSP Vulnerability Scanner is a new vulnerability scanning and reporting solution for HPE NonStop systems. This tool helps identify vulnerabilities by checking the NonStop system configuration, access permissions, and security settings. It generates insightful reports for users and recommends changes to improve the security posture.
To effectively audit the security of the systems, the CSP Vulnerability Scanner gathers a vast amount of information from different sources, including Safeguard, Guardian, and other subsystems. It automates this task by providing insightful reports for technical and non-technical users. The CSP Vulnerability Scanner also includes access to CSP-Wiki®, where users can get more details on the settings, security, and compliance implications.
For complimentary access to CSP-Wiki®, an extensive repository of NonStop security knowledge and best practices, please visit wiki.cspsecurity.com
We Built the Wiki for NonStop Security ®
+1(905) 568 –8900