Vulnerability Management & Compliance for NonStop Systems
CSP has been an innovator in the field of NonStop security for over three decades and understands the complex security challenges facing the NonStop platform.
Organizations must comply with critical security requirements to protect data and satisfy regulations such as PCI 4.0 and GDPR. CSP has developed a series of easy-to-use solutions to keep your system secure, ensure you remain compliant, and provide the flexibility that a changing NonStop landscape demands.
CSP is a Gold Sponsor of the upcoming pan-European EBITUG event in Edinburgh, Scotland, on May 15 to 17. You will not want to miss our presentation on Vulnerability Management & Compliance for NonStop Systems.
We first promoted our CSP Vulnerability Scanner™ at the 2022 BIG SIG event in London. This tool is a vulnerability scanning and reporting solution for HPE NonStop systems that analyzes risks and identifies vulnerabilities by checking the NonStop system configuration, access permissions, and security settings.
It generates insightful reports for users and recommends changes to improve the security posture. “You may have already read about this from prior promotions, but its significance cannot be understated,” said CSP General Manager Henry Fonseca. “The key element here is that it works and delivers on the promise of identifying all potential vulnerabilities.”
We will also discuss Zero-Trust security models and deterring potential Ransomware attacks EBITUG. That is always a popular subject that has gained considerable media attention. And CSP Authenticator+®, our multi-factor authentication solution built for universal Application and System (TACL and OSS) access, allows security administrators to implement one or several authentication methods, including token-based systems such as RSA or similar solutions. Making it a great starting point when setting up a Zero-Trust security model.
“There are no surprises here for the NonStop community. Zero-trust means ensuring every user with access to NonStop is who they say they are. It also means ensuring those users only access the resources they have authorization for,” said Henry Fonseca. And when dealing with mobile workforces or hybrid workspace environments, the basic principle of a zero-trust security model is to avoid blindly trusting every element within the corporate network, be that a person, a process, or a processor. Standards, mandates, and directives may not be universally adhered to across all regions. However, organizations must ensure that the sensitive information captured by NonStop applications will not be compromised as long as the appropriate security tools are in place.
There were many headlines in 2022 that drew a lot of industry attention to the topic of security, particularly to the presence of Ransomware and the resultant need to know all about who is accessing your systems and applications.
Increasingly, this has spotlighted the need to pursue greater protections, with many different security models being discussed. Perhaps the most discussed approach is Zero Trust. For CSP, this isn’t surprising to see as it has become a cornerstone of CSP development for some time, and the response from the NonStop community has been positive.
CSP is not alone in emphasizing the importance of implementing a zero-trust model. Discover Europe 2022 was recently held in Frankfurt, and HPE addressed its approach to Zero Trust Security. “Essentially, the Zero Trust security model replaces faith in the integrity of secure network perimeters (such as private networks, firewalls, and VPN/VPC) with that of the individual software systems that manage critical data,” is how HPE defines Zero Trust.
“HPE has recognized that, for customers and partners to deliver a robust and agile Zero Trust security solution for their most critical data systems, trust must be built into everything they use—from the silicon that runs the software to the software itself.
Understanding the increasingly complex security challenges facing the NonStop platform is none more topical than protecting applications and data from attacks by maleficent operators. “From our observations, organizations can achieve more by applying a zero-trust model when it comes to authentication,” said Henry Fonseca, CSP’s General Manager. Applying a Zero Trust model means authenticating anyone who accesses your networks to ensure they are authorized to access specific domains.
Introducing CSP Vulnerability Scanner
CSP Vulnerability Scanner is a new vulnerability scanning and reporting solution for HPE NonStop systems. This tool helps identify vulnerabilities by checking the NonStop system configuration, access permissions, and security settings. It generates insightful reports for users and recommends changes to improve the security posture.
To effectively audit the security of the systems, the CSP Vulnerability Scanner gathers a vast amount of information from different sources, including Safeguard, Guardian, and other subsystems. It automates this task by providing insightful reports for technical and non-technical users. The CSP Vulnerability Scanner also includes access to CSP-Wiki®, where users can get more details on the settings, security, and compliance implications.
For complimentary access to CSP-Wiki®, an extensive repository of NonStop security knowledge and best practices, please visit wiki.cspsecurity.com
We Built the Wiki for NonStop Security ®
+1(905) 568 –8900