WhiteConcierge, formerly part of Travelex and now a prominent Europe based B2B lifestyle management and concierge service, has selected the ForeScout CounterACT platform to help it achieve continued PCI (News - Alert) DSS Level 1 compliance.

Since the company’s core customer base comprises of financial institutions and high-street banks, it needed a solution to protect their data at an extremely high level. Company officials said that they sought a Network Access Control (NAC) solution to gain further visibility and control over access to network resources and sensitive data.

The company chose ForeScout CounterACT as it ticked all the right boxes in helping to achieve certain elements of PCI DSS Level 1 compliance, said Ben Sewell, head of Information Security & Technology at WhiteConcierge.

“Also, unlike the other NAC products we looked at -- including Cisco -- ForeScout CounterACT provided the flexibility we demanded to fit our network environment and was easy to administer, which kept staff training time to a minimum,” Sewell said.

PCI DSS Level 1 requirements include: install and maintain a firewall configuration to protect cardholder data; restrict access to cardholder data by business need-to-know; a list of detected malicious activity; and a policy with a pre-defined action for exposing users to company policies on a regular basis.

ForeScout CounterACT is helping WhiteConcierge to achieve these requirements. Company officials said that ForeScout's support of PCI monitors the firewall function by detailing all actual access made to the Card Holder Data Server Zone; ForeScout CounterACT identifies users attempting to access cardholder information to which they are not granted access by their Active Directory group.

Moreover, by using ForeScout CounterACT, a pre-defined action is available in the policy to automatically send an email to the administrator when a malicious activity is detected, and also ForeScout’s patented ActiveResponse function can be set to automatically block malicious sources.

Plus with ForeScout CounterACT, a pre-defined action is available to hijack hosts and require users to confirm that they have read the relevant company policy, said company officials.

“It is not a legal requirement for WhiteConcierge to be a PCI DSS Level 1 compliant merchant - nor is it an easy thing to do - but we chose to be, to show customers how committed we are to protecting their data,” Sewell said, adding that ForeScout CounterACT is therefore helping the company to be at the forefront of the industry.

“Over and above solving WhiteConcierge’s original pain point of supporting PCI DSS Level 1 compliance, ForeScout CounterACT also enables improved visibility of endpoint devices, strong reporting and bolstered network security infrastructure for them,” said John Hagerty, EMEA sales director at ForeScout.

Earlier this year, ForeScout Technologies announced the release of CounterACTT version 6.3.4.