Flybe protects transactional data with PCI compliance
By Miya Knights,
UK-based Flybe, Europe's largest regional airline, has deployed a new network monitoring and security tool to help comply with the payment card industry data security standard (PCI DSS).
The standard, introduced by Visa, MasterCard and American Express, to protect the storage and access of customers' credit card data affects any company, like Flybe, who have customer-facing transactional systems handling credit cards.
The airline takes 85 per cent of bookings are online, as its website handles more than 20 million visitors each year. To comply with PCI DSS, it needed added automated monitoring capabilities to manage events across its network and the large amount of confidential data being processed and stored over the internet.
By working with user authenticity and session security specialist Gradian to deploy the enVision 3.5 platform from EMC's security division RSA, Flybe will be able to centrally track and monitor all access to network resources and safeguard cardholder information.
Chris Cooper, Flybe IT security manager told IT PRO: "The platform fits into our technology strategy as a fairly central foundation point for the all the systems that create security alerts and network event and log files. It acts as a central collation point from which to manage the analysis, intelligence and reporting of this data."
He said the instant alerts about events that might present a risk to customers' confidential information would enable to have "eyes and ears on the ground to identify potential weaknesses or risks in the system, as well as any changes to the network".
And its ability to collate data from the more than 2,000 devices connected to its databases, with integration capabilities out-of-the-box or in-house, going forward by Flybe's own IT team, was also key.
The RSA enVision platform is engineered so that Flybe can manually create reports of network activity and then automate this process to repeat on a weekly or monthly basis. This customisable, built-in reporting process will enable IT staff to better police Flybe's IT systems in line with its business objectives, as well as remain PCI compliant in conjunction with other IT security investments, like encryption and firewall technologies.
"Our entire approach to PCI is not just to buy technology that adds another tick in the compliance box," said Cooper. "We are looking to use systems that provide business value."
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
What is your password worth?
Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.
- Macs under attack?
- Intel: security inside
- Are you spending too much on IT security?
- Does the government want to snoop on your data?
- Eurocrats versus the cyber criminals
- The truth about spam
- Google and privacy: What’s the problem?
- Q&A: Symantec’s CISO on the source code hack
- RSA: Back from the breach?
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- Apple iPad 3 vs iPad 2 head-to-head review
- ICO: Fines for cookie law breakers
- Hutchison denies it will pull plug on Three UK
- Sony Vaio T13 Ultrabook review: First look
- BlackBerry 7 OS certified to carry 'Restricted' UK government information
- Facebook floatation marred by Nasdaq glitch
- Open source software driving cloud-based innovation
- CIO: Career is over?
- EMC World 2012: Tucci declares Documentum is here to stay
- Dell PowerEdge R820 review
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
