Commercial Enterprises:

INTEGRITY—When Your Money Depends On It
Securing the Banking and Credit Card Industries from Cyber Attack

Bank and credit card company executives have been put on notice:

Major credit card issuers, led by Visa and Mastercard, are truly linchpins of the economy. Credit card issues accounted for $2.665 trillion in purchases in 2007. Consider:

  • Citibank saw its 7-Eleven ATMs compromised and cyber criminals made off with PIN numbers of an unknown number of customers. $2 million was taken from accounts in very short order
  • The World Bank was penetrated and forty of their servers containing their most valuable data about the $25 billion in loans they make every year and the 185 countries on their board. The penetration came through an email server and was ongoing for months before being detected
  • Dark Market, an online, invitation-only forum for buying and selling stolen financial information was recently busted and shut down by the FBI. It is believed that the forum had 2,500 regular members


Sooner or later, cyber security strategies based on ad-hoc, reactive, inconclusive "pierce and patch" security policies will result in:

  • Executives not in compliance with Federal laws; facing fines and/or prison sentences
  • Widespread economic upheaval as loss of bank customer funds impacts individuals and businesses
  • Loss of financial institution corporate value—market capitalization, revenue, earnings
  • Loss of customers
  • Millions lost defending or settling class action lawsuits
  • Millions spent on restoring operations or refunding money to customers
  • Bankruptcy

A cyber security strategy based on "pierce and patch" is—

Unfathomable. Unacceptable. Untenable. Uneconomic.
And has largely been unfixable — until now.

INTEGRITY—the most secure and reliable software system ever developed—can provide banks and other financial institutions with certified unbeatable cyber asset security. The National Information Assurance Partnership (NIAP) has awarded INTEGRITY a rating of EAL6+ High Robustness. No software system has ever come close to these ratings before INTEGRITY.

With INTEGRITY, mission-critical applications stay secure and customer data remains private, free from the possibility of intentional, hostile, well-funded, internal or external attack. And it's been certified—not once, but multiple times.

INTEGRITY helps banks and credit card issuers meet or exceed PCI DSS requirements. The FDIC has for some time required that financial institutions implement PCI DSS procedures for protecting credit card data. INTEGRITY enables compliance with these requirements and even empowers companies to go above and beyond them.

Build and Maintain a Secure Network

  • Requirement 1: Install and maintain a firewall configuration to protect cardholder data — Deployment of perimeter-based defenses via firewalls and other external security appliances to safeguard information has proven to be woefully inadequate. INTEGRITY protects data at the core through its certified technology
  • Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters—INTEGRITY goes well beyond password protection as INTEGRITY enables utilities to establish their own enterprise-wide and system-level protocols.

Protect Cardholder Data

  • Requirement 3: Protect stored cardholder data—INTEGRITY protects cardholder data by providing certified military-grade security through its separation technology.
  • Requirement 4: Encrypt transmission of cardholder data across open, public networks—Encryption technology is an important preventive measure, but not in itself sufficient to guarantee data security, as demonstrated in the cases of TJX and Hannaford Bros. Only INTEGRITY has the High Robustness rating to protect the most valuable data under the levels of cyber threat.

Maintain a Vulnerability Management Program

  • Requirement 5: Use and regularly update anti-virus software—Antivirus software is important, but not sufficient to deter serious criminal threats. INTEGRITY eliminates with a single mouse click and INTEGRITY makes it impossible for a virus to be propagated to other computers.
  • Requirement 6: Develop and maintain secure systems and applications—INTEGRITY is the only operating system that is certified to be 100% secure and reliable. It enables other applications (and operating systems) to run securely on various platforms

Implement Strong Access Control Measures

  • Requirement 7: Restrict access to cardholder data by business need-to-know—INTEGRITY enables enterprise-wide usage policies to be established. Users and applications will only have access to the data they need to be productive and can be limited as to what they can do with that data.
  • Requirement 8: Assign a unique ID to each person with computer access — INTEGRITY provides military-grade security management controls.
  • Requirement 9: Restrict physical access to cardholder data — INTEGRITY allows access to and control of critical data based on a comprehensive policy strategy established by the financial institution.

Regularly Monitor and Test Networks

  • Requirement 10: Track and monitor all access to network resources and cardholder data—INTEGRITY enables tracking and monitoring of access to network resources and cardholder data. More importantly, INTEGRITY controls which users and applications can access data and resources.
  • Requirement 11: Regularly test security systems and processes—INTEGRITY has been tested and proved to be secure against hostile and intentional attack. INTEGRITY has achieved a NIST EAL 6+ rating with High Robustness.

Maintain an Information Security Policy

  • Requirement 12: Maintain a policy that addresses information security—Deployment of INTEGRITY is the cornerstone of any corporate information security policy.

Without INTEGRITY, these requirements offer little protection from cyber crime. Hannaford Bros. was in full compliance with PCI DSS guidelines at the time of their data loss. Certified as secure and reliable for both military and non-military use as a result of the most rigorous testing and evaluation possible, INTEGRITY offers:

  • True security
    • Open communication is possible without risk to critical assets
    • Mission critical assets and applications remain completely safe and secure
  • Cost savings
    • INTEGRITY Secure Consolidated Client (ISCC)
    • Simultaneous support of legacy and mission critical applications
  • Form flexibility
    • Protect desktop PCs, servers, Thin-Client Workstations and even PDAs
  • Open Standards
    • Supports Windows and Linux
    • Supports native POSIX-compliant applications
  • Certified security and reliability—no other operating system can offer this level of security and reliability and no other operating system has ever been certified to the levels of INTEGRITY

To learn more about how INTEGRITY Global Security can secure your financial institution, please call 805.882.2500, or send email.

© INTEGRITY Global Security    |    Site Map    |    Contact Us