With Armor, any technology team can manage compliance in the cloud, giving you the assurances needed to manage sophisticated payment applications with increased flexibility, scalability and reliability.
Armor provides security and compliance benefits by mapping security controls to PCI compliance mandates that reduces regulatory scope, simplifying the auditing process and lowering management costs.
MEET THE COMPLIANCE EXPERT
To help you navigate the hundreds of controls and simplify your approach, CISO Kurt Hagerman talks about the challenges, pitfalls and best practices in the world of PCI compliance.
Armor customers inherit PCI DSS 3.2 compliance that addresses many of the controls mandated by the PCI Security Council. This means streamlined assessments as well as cost savings for organizations without robust cloud security programs.
Click on the tabs below to see key PCI DSS controls addressed by our solutions:
| Armor Security Services | PCI DSS 3.2 Controls | Risk Mitigation |
| Intrusion Detection | 11.4 | Malicious allowed traffic |
| Internal Network Vulnerability Scanning | 11.2.3) | Exploits due to missing patches or updates; improper network firewall configuration |
| File Integrity Monitoring | 11.5 | Monitoring unauthorized changes to critical files |
| OS Patching/Updating | 6.0, 6.2) | OS weaknesses Malware Protection |
| Malware Protection | 5.1, 5.2, 5.3 | Compromise due to virus/malware infection |
| Log Management | 10.1, 10.2.2-10.2.7, 10.3, 10.5, 10.6, 10.7 | Detection of malicious activity |
| Armor Security Services | PCI DSS 3.2 Controls | Risk Mitigation |
| IP Reputation Filtering | Security best practice | Activity from known bad sources |
| DDoS Mitigation | Security best practice | Loss of availability due to high volume of malicious activity |
| Web Application Firewall | 6.6 | Application layer flaws and exploits |
| Intrusion Detection | 11.4 | Malicious allowed traffic |
| Network Firewall (Hypervisor-Based) | 1.1.5, 1.1.6, 1.1.7, 1.2.2, 1.2.3, 1.3.3, 1.3.5 | Unwanted network connectivity |
| Secure Remote Access (Two-factor authentication) | 8.3 | Unauthorized remote use of administrative access |
| Secure Remote Administrative Access | 2.3 | Disclosure of administrative credentials |
| OS Patching/Updating | 6.1, 6.2 | OS weaknesses Malware Protection |
| Malware Protection | 5.1, 5.2, 5.3 | Compromise due to virus/malware infection |
| Log Management | 10.1, 10.2.2-10.2.7, 10.3, 10.5, 10.6, 10.7 | Detection of malicious activity |
| Physical Security | 9.1, 9.2, 9.3, 9.4 | Physical theft or compromise of data |
Leverage our PCI DSS expertise to overcome any compliance challenge. We provide 24/7/365 hands-on support to support the team responsible for managing PCI DSS-related cloud security controls.
Our talent doesn’t just extend your team, they become part of it – seamlessly incorporating their skill set and expertise into your cloud security roster. Together with our best-of-breed security technologies, they guarantee a level of cloud security and performance that only Armor can provide.
Our approach to cloud security focuses on security first, letting compliance follow as a result. It’s why we’re able to boast a protection rate of 99.999% across all customer instances alongside streamlined PCI DSS attestation.
We do this by orienting and adapting our managed security solutions to achieve the highest level of protection in the cloud.
With nearly a decade of cloud security experience and expertise, we’ve standardized effective processes for defending against even the most sophisticated cyber attacks. This provides peace of mind that your customers’ payment card data is secure and compliant – helping you maximize your cloud investment.
