Splunk Eases PCI Duties for MSPs
Splunk is going after retailers and the MSPs who serve them with a new PCI app for businesses that want to accept credit cards, but don’t want the hassle of a full-blown SIEM tool.
Send to Kindle
Fresh off its rollout of an impressive set of cloud-based Big Data analytics tools, software maker Splunk Inc. is going after retailers and the MSPs who serve them with a new version of its PCI reporting and analysis application for businesses that want to accept credit cards, but don’t want the hassle of a full-blown security and information event management (SIEM) tool.
Splunk App for PCI Compliance 2.0 provides simple, basic reporting and data analysis sufficient to meet the rigors of PCI Data Security Standard (DSS), a standard for protecting the personal information of customers and a requirement for accepting credit cards in most situations.
Splunk App for PCI Compliance “was developed to make PCI compliance as easy as possible for businesses," said Mark Seward, senior director of security and compliance marketing at Splunk in San Francisco. "Collecting and retaining data for audits is a daunting task, particularly since most PCI solutions require significant data normalization to deal with the wide variety of operational and security data formats. The Splunk App for PCI Compliance solves this challenge with out-of-the-box content for reporting and real-time monitoring of the enterprise."
The new tool is meant to be combined with Splunk Enterprise, the company's flagship big data analytics and statistical analysis platform for machine generated data. Together, the product set provides a scalable and robust investigation and forensics platform that serves up simple audit trails and visualizations of PCI incident review workflow, asset threat prioritization and requirement scorecards for PCI compliance without intertwining them all with other SIEM reports that can often be confusing or irrelevant.
Anyone who has ever been tasked with processing data for PCI reports and audits knows how difficult and time consuming the task can be. The constant maintenance required to collect and normalize reams of data from disparate sources can quickly overwhelm many organizations. Because Splunk concentrates on indexing any machine-generated data, it lets users focus more on analysis and less on data collection.
MSPs that must guarantee and certify PCI compliance for their retail customers stand to benefit from such capabilities. "Our managed service customers hold us responsible for maintaining PCI compliance," said Ryan McFadden, managed services operations specialist at Tessitura Network Inc., in Dallas. "The Splunk App for PCI Compliance helps us know where we are with PCI compliance, not only at audit time, but also in real-time, at any given moment."
The channel-friendly Splunk has quietly amassed more than 4,400 enterprise customers in 80 countries since its founding in 2005. More importantly, the Splunk partner ecosystem is expanding with more than 50 system integrators, VARs and MSPs taking advantage of the company’s multi-tiered partner program, according to officials.
Splunk’s Powered Partner Program, launched in early 2009, contains five tiers and all of the requisite tools for reseller enablement, including technical training and sales and marketing help.
The Splunk App for PCI Compliance is available now with a free trial download of Splunk Enterprise.