Presentation is loading. Please wait.

Presentation is loading. Please wait.

HPE NonStop XYGATE Product Updates

Published byPrudence Nicholson Modified over 9 years ago

Similar presentations

Presentation on theme: "HPE NonStop XYGATE Product Updates"— Presentation transcript:

1 HPE NonStop XYGATE Product Updates
Barry Forbes

2 HPE and XYPRO partnership
XYPRO - providing solutions for NonStop since 1983 Offers comprehensive suite of security and compliance solutions for NonStop, Authentication and access control Audits Compliance monitoring Data Security 2013 AllianceOne partner of the year in the security category

3 XYPRO solutions in HPE price-book
Authentication and Access Control Compliance Monitoring and Activity Auditing Data Security XYGATE User Authentication* XYGATE Access Control XYGATE Compliance PRO XYGATE Merged Audit* BASE24 plug-in BASE24-eps plug-in AJB RTS plug-in HLR plug-in XYGATE Data Protection New * Included in the OS Security bundle (J-Series) or the OS (L-Series)

4 Global security trends and relevance to the NonStop
XYPRO Technology – All Rights Reserved

5 Security breaches are still making news
Experian breach exposes 15 million T-Mobile customer data (October 2015) 4.6 million Scottrade accounts breached (October 2015) 100 banks hit by $1 billion cyber attack (February 2015) XYPRO Technology – All Rights Reserved

6 Security breaches are still making news
80 million member records stolen from Anthem BlueCross Blue Shield (February 2015) U.S. government breached—data for million employees stolen (July 2015) 30 million customers’ account info stolen from Ashley Madison (August 2015) XYPRO Technology – All Rights Reserved

7 Recent Study: 2015 Cost of Cyber Crime: Global
Study sponsored by HPE and independently conducted by Ponemon Institute Study at a glance: 252 companies in 7 countries 2,128 interviews with company personnel 1,928 total attacks to measure cost $7.7 million is the average annualized cost 1.9% net increase over the past year 15% average ROI for 7 security technologies XYPRO Technology – All Rights Reserved

8 Costs of cyber crime vary by industry
Financial Services and Utilities & Energy have the highest cyber crime cost by sector NonStop relevance NonStop systems are in high threat verticals NonStop customers face high costs for security breaches NonStop systems need very strong security Ponemon Institute “2015 Cost of Cyber Crime Study: Global” XYPRO Technology – All Rights Reserved

9 Simple attack methods still common
Viruses and malware most frequent type of attack Human aspect, including malicious insiders, still prevalent in attacks NonStop relevance Basic security principles are still important Ponemon Institute “2015 Cost of Cyber Crime Study: Global” XYPRO Technology – All Rights Reserved

10 Malicious insider attacks most expensive
Even though less frequent, cyber crime from malicious insiders has highest cost per incident NonStop relevance Ensure strong authentication Enforce policy of minimum required access Ensure no shared super-user accounts Keep track of what users are doing on critical systems with key logging Integrate NonStop with SIEM Ponemon Institute “2015 Cost of Cyber Crime Study: Global” XYPRO Technology – All Rights Reserved

11 Malicious insider attacks take longest to resolve
Average time to resolve cyber crime attacks from insiders is over 54 days NonStop relevance Ensure individual accountability (no shared Super user IDs) Enforce policy of minimum required access Keep track of what users are doing on critical systems with key logging Log and audit all NonStop security events Integrate NonStop with SIEM Ponemon Institute “2015 Cost of Cyber Crime Study: Global” XYPRO Technology – All Rights Reserved

12 Most companies don’t have strong security solutions
Only 50% have access management Fewer than 50% of companies use security intelligence, data protection or other critical security solutions NonStop relevance Don’t assume NonStop security is deployed Still a likely need to increase protection Ponemon Institute “2015 Cost of Cyber Crime Study: Global” XYPRO Technology – All Rights Reserved

13 There is strong ROI for security solutions
Security solutions have 15% average ROI NonStop relevance Security solutions for NonStop are worth the investment Ponemon Institute “2015 Cost of Cyber Crime Study: Global” XYPRO Technology – All Rights Reserved

14 Overall implications for NonStop
Cyber crime is on the rise Key NonStop vertical industries are top targets of cyber attacks Customer info and financial data are primary targets Basic security fundamentals are still important Investment in security solutions has a strong ROI (and can save your job!) XYPRO Technology – All Rights Reserved

15 XYPRO Technology – All Rights Reserved
Securing the NonStop XYPRO Technology – All Rights Reserved

16 PCI DSS compliance is a major security trend
PCI compliance is a critical requirement for many NonStop customers XYPRO Technology – All Rights Reserved

17 A framework for NonStop security
While not applicable to all companies, PCI is useful for considering a framework for NonStop security

18 Securing the NonStop

19 Addressing the Fundamentals
Requirement Implement strong access controls Controlling access – who, from where, when and how Minimum privilege Role-based authorization Individual accountability Activities audit Solution - XYGATE Access Control (XAC) Highly-granular access control Role-based access control Eliminate shared IDs Keystroke logging Audit privileged user activity An International Bank Mission-critical HP Nonstop for BESS commercial payments Enable full command control inside menu based interface Achieved high security while replacing legacy tool Customer example XYPRO Technology – All Rights Reserved

20 Addressing the Fundamentals
Requirement Protect sensitive data Strong encryption without changes to data structures High-performance tokenization Support for multiple data types Runs natively on NonStop Multi-platform support Solution - XYGATE Data Protection (XDP) Data protection optimized for NonStop Format-preserving encryption Secure Stateless tokenization Intercept library enables data protection without changes to application Enterprise-wide encryption and tokenization solutions A Global Retail Payments Provider Mission-critical HP Nonstop BASE24 system and z/OS systems PCI compliance and scope reduction Competitive advantage with tokens deliverable to retail clients and used in batch settlement Customer example XYPRO Technology – All Rights Reserved

21 Addressing the Fundamentals
Requirement - Enforce strong authentication before access Appropriate authentication methods Multi-factor authentication Integration with enterprise systems Single sign-on Solution - XYGATE User Authentication (XUA) Already part of your Nonstop system! LDAP integration Support for RSA SecurID Flexible authentication processes IP, port, time management A National Telecom Company Mission-critical HP Nonstop Needed PCI and corporate policy compliance Enterprise requirement for RADIUS authentication Enabled RADIUS support for legacy Pathway users as well as all Guardian/OSS users. Customer example XYPRO Technology – All Rights Reserved

22 Addressing the Fundamentals
Requirement Log and audit all NonStop security events Activity monitoring and logging Reconstruction of cases Multi-source audit monitoring Compliance reporting Solution - XYGATE Merged Audit (XMA) Already part of your Nonstop system! Consolidate and normalize multiple sources of log data Integration with SIEMs (HP ArcSight, RSA Envision and others) Adaptors for key NonStop applications (BASE24, BASE24-eps, AJB) A National Payments Processor Mission-critical HP Nonstop with S custom payments app using SQL/MX and SQL/MP Enabled SIEM integration and fraud alerting PCI compliance and scope reduction Alert and identify actual fraud activity Customer example XYPRO Technology – All Rights Reserved

23 Addressing the Fundamentals
Requirement Monitor compliance with regulations and NonStop security best practices Security methodology and system Best practices Corporate security policies Monitoring of systems/configuration Documentation Solution XYGATE Compliance Pro (XSW) Automatic security scanning Regulatory compliance framework File integrity checking, protecting data being processed Identify changes that impact security Document security policy and best practices An International Bank Mission-critical HP Nonstop with BASE24 application supporting POS and ATM Required PCI compliance and reporting Acquired Compliance PRO as a single purpose solution for File Integrity Checking Additional benefit of PCI compliance reporting Customer example XYPRO Technology – All Rights Reserved

24 XYPRO Technology – All Rights Reserved
Conclusion Security is more important than ever Increasing levels and cost of cyber crime Requirements for industry and government compliance NonStop systems are high-value targets and need strong security Basic security fundamentals still matter HPE and XYPRO can help you secure the NonStop and comply with PCI and other regulations NonStop Security Review services Using XMA and other security included in NonStop OS XYPRO Technology – All Rights Reserved

Download ppt "HPE NonStop XYGATE Product Updates"

Similar presentations

BalaBit Shell Control Box

BalaBit Shell Control Box
Notes: Update as of 1/13/2010. Vulnerabilities are included for SQL Server 2000, SQL Server 2005, SQL Server 2008. Oracle (8i, 9i, 9iR2, 10g, 10gR2,11g),

Notes: Update as of 1/13/2010. Vulnerabilities are included for SQL Server 2000, SQL Server 2005, SQL Server Oracle (8i, 9i, 9iR2, 10g, 10gR2,11g),
Presentation by: Peter Thomas Blue Lance, Inc Using SIEM Solutions Effectively to meet Security, Audit, and Compliance Requirements.

Presentation by: Peter Thomas Blue Lance, Inc Using SIEM Solutions Effectively to meet Security, Audit, and Compliance Requirements.
Information Security Jim Cusson, CISSP. Largest Breaches 110,000 2009-11-27 NorthgateArinso, Verity Trustees 6,400 2009-11-25 Aurora St. Luke's Medical.

Information Security Jim Cusson, CISSP. Largest Breaches 110, NorthgateArinso, Verity Trustees 6, Aurora St. Luke's Medical.
Www.tectia.com COPYRIGHT © 2010 TECTIA CORPORATION. ALL RIGHTS RESERVED. Proactive Measures to Prevent Data Theft Securing, Auditing and Controlling remote.

COPYRIGHT © 2010 TECTIA CORPORATION. ALL RIGHTS RESERVED. Proactive Measures to Prevent Data Theft Securing, Auditing and Controlling remote.
SPEAKER BLITZ ERIC BROWN Senior Systems Engineer NICK JAVANOVIC DoD Regional Sales Manager.

SPEAKER BLITZ ERIC BROWN Senior Systems Engineer NICK JAVANOVIC DoD Regional Sales Manager.
ISecurity Complete Product Series For System i. About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.

ISecurity Complete Product Series For System i. About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.
Information Security Policies Larry Conrad September 29, 2009.

Information Security Policies Larry Conrad September 29, 2009.
Security Controls – What Works

Security Controls – What Works
© 2004 Visible Systems Corporation. All rights reserved. 1 (800) 6VISIBLE www.visible.com Holistic View of the Enterprise Business Development Operations.

© 2004 Visible Systems Corporation. All rights reserved. 1 (800) 6VISIBLE Holistic View of the Enterprise Business Development Operations.
Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.

Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.
Are Large Scale Data Breaches Inevitable? Douglas E. Salane Center for Cybercrime Studies John Jay College of Criminal Justice Cyber Infrastructure Protection.

Are Large Scale Data Breaches Inevitable? Douglas E. Salane Center for Cybercrime Studies John Jay College of Criminal Justice Cyber Infrastructure Protection.
Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.

Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.
Www.encase.com Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,

Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,
Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,

Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,
Chapter 7 Database Auditing Models

Chapter 7 Database Auditing Models
Top 7 Things to Know about Activation and Genuine Software with Windows 7 For computers with perpetual licensing obtained through Microsoft volume licensing.

Top 7 Things to Know about Activation and Genuine Software with Windows 7 For computers with perpetual licensing obtained through Microsoft volume licensing.
© 2004-2014. Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.

© Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing
StorTech Security Regulatory compliance provides the business foundation for security Organisations need to tackle all security challenges from a business.

StorTech Security Regulatory compliance provides the business foundation for security Organisations need to tackle all security challenges from a business.

Similar presentations

Ads by Google