Harvard Medical School Deploys Third Brigade for PCI Security

Share Article

Host intrusion defense system protects cardholder data from targeted attacks including SQL injections

Security is a journey. We want to implement all the technology tools needed to ensure our data is protected

Third Brigade, a security software company specializing in host intrusion defense systems today announced that Harvard Medical School has deployed the Third Brigade Deep Security host intrusion detection and prevention systems (IDS/IPS) to help protect its web applications and servers from targeted attacks against cardholder data. The protection will help Harvard Medical School to meet the data security standards set out by the Payment Card Industry (PCI).

"Security is a journey. We want to implement all the technology tools needed to ensure our data is protected," said John Halamka, Chief Information Officer and Dean for Technology, Harvard Medical School.

The PCI Data Security Standards, endorsed by American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa Inc., requires merchants and service providers that store, process or transmit customer payment card data to adhere to information security controls and processes that ensure data integrity. More information on the standard can be found at http://www.pcisecuritystandards.org.

Third Brigade Deep Security is an advanced, host-based intrusion defense system that brings proven network security approaches -- including firewall, intrusion detection and prevention, and application firewall capabilities -- down to individual computers and devices. Deep Security can accelerate and simplify a PCI audit and help achieve PCI compliance by:

  • Enabling firewall network segmentation to reduce the scope of the PCI audit.
  • "Virtual Patching" as a compensating control to comply with requirements for vendor security patches to be applied within one month of release, based upon QSA approval.
  • Detecting and preventing attacks that target cardholder data, and alerting staff the moment an attack has been attempted.
  • Providing application firewall capabilities to complement secure coding initiatives and to protect web applications from attacks like SQL injection and cross-site scripting (XSS).
  • Ensuring standard security configurations are consistently and automatically applied to all appropriate systems, thus reducing the risk of an attack.
  • Providing detailed log information on who attacked, when they attacked and what they attempted to exploit, and by providing an auditable report of the security posture of a system.

More information, including a white paper titled Reducing the Scope of your PCI Audit: Innovative Network Segmentation Using Host Intrusion Defense, is available at http://www.thirdbrigade.com .

About Third Brigade
Third Brigade (http://www.thirdbrigade.com ) best-of-breed host intrusion defense systems protect critical data and applications, including those on virtual machines, from attacks that bypass or penetrate network defenses, and target vulnerabilities in operating systems, and enterprise and web applications. With a high performance deep packet inspection engine, Third Brigade Deep Security detects and prevents known and zero-day attacks, and provides a virtual patch for Microsoft® Windows®, Solaris™, Linux, and other Unix® hosts on physical and virtualized systems. It helps ensure regulatory compliance with PCI and other standards, and prevents costly business disruptions. Unlike others, Third Brigade provides broader, faster and simpler protection. Third Brigade. That's control.

Note: "Third Brigade", "Deep Security Solutions", and the Third Brigade logo are trademarks of Third Brigade, Inc. and may be registered in certain jurisdictions. All other company and product names are trademarks or registered trademarks of their respective owners.

For more information:
Laura Maio
Media & Analyst Relations
Third Brigade, Inc.
(T) 613-599-4505 x2238
(M) 613-219-2800


Share article on social media or email:

View article via:

Pdf Print

Contact Author

Laura Maio
Visit website