Download PDF
Imperva > Case Studies > National Bankcard Services Enhances Security with SecureSphere SE for PCI Compliance
Imperva Logo

National Bankcard Services Enhances Security with SecureSphere SE for PCI Compliance

Technology Category
  • Application Infrastructure & Middleware - Event-Driven Application
  • Cybersecurity & Privacy - Application Security
Applicable Industries
  • National Security & Defense
Applicable Functions
  • Maintenance
  • Quality Assurance
Use Cases
  • Tamper Detection
  • Track & Trace of Assets
The Challenge
National Bankcard Services (NBS) provides custom processing solutions for petroleum and convenience store markets, including an online service for retailers to offer various payment options. As part of its operations, NBS enables its customers to track sales from payment card usage through an online portal. To maintain its reputation, NBS must ensure that the sales and related private corporate information of their customers is protected from unauthorized access and data theft. The company was previously performing code reviews and manual code fixes for its web applications, a process that was both time-consuming and prone to human error. NBS needed to comply with PCI 6.6 to protect the online portal from all types of application threats. However, with a small IT staff, the solution needed to be easy to configure and maintain.
About The Customer
National Bankcard Services (NBS) is a company based in Minnesota, USA, that focuses on delivering cost-effective, custom processing solutions for petroleum and convenience store markets. The company provides an online service for these retailers so that they, in turn, can offer consumers an array of payment options including credit/debit/EBT cards, proprietary cards, fleet cards, checks, gift and prepaid cards and loyalty solutions. NBS provides a Web hosting service to each of its client companies via an online portal on the NBS Web site. Companies log into the portal in order to access their sales information, which is updated on an ongoing basis. NBS must ensure that the information is protected from unauthorized access or changes.
The Solution
After evaluating various solutions, NBS selected the Imperva SecureSphere SE Web Application Firewall solution. This solution directly meets the PCI 6.6 application-layer firewall requirement, provides robust protection for applications, features an easy-to-use management UI, and enables automated reports generation to ease the organization’s compliance efforts. SecureSphere SE, a market-leading Web application firewall packaged for medium enterprises, provides automated and accurate protection for their online customer portal. Through Dynamic Profiling, SecureSphere SE removes the need for constant manual tuning of application monitoring and security policies. With Correlated Attack Validation, SecureSphere SE delivers a highly accurate and completely automated defense system, keeping false positives to a minimum. Installed inline, SecureSphere SE directly detects and blocks application attacks in real time. It also detects and alerts NBS to discovered application vulnerabilities and points out related errors in the Web server response code, which developers may fix during the next application code change cycle.
Operational Impact
  • With the implementation of SecureSphere SE, National Bankcard Services is able to effectively comply with PCI 6.6 and maintain a safe environment for its customers to access their business data online. SecureSphere SE helps NBS protect its reputation among customers by providing the most accurate and automated protection for the online portal against a variety of sophisticated application-level attacks, including SQL injection, Cross site scripting, cookie tampering, and session hijacking attacks. Also, SecureSphere SE makes it easy for the company to deploy, configure and maintain application security on an ongoing basis due to Dynamic Profiling which automates the process, and because SecureSphere SE regularly receives updated signatures and rules from the Application Defense Center, Imperva’s research organization dedicated to application security.
Quantitative Benefit
  • SecureSphere SE directly meets the PCI 6.6 application-layer firewall requirement
  • SecureSphere SE provides the most automated and robust protection for applications
  • SecureSphere SE features an easy-to-use management UI

Related Case Studies.

Contact us

Let's talk!

* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.