FIREMON DELIVERS
Continuous Compliance For a Highly Distributed Environment
While facing a demanding audit schedule, Convey Health Solutions decided to adopt the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF), a certifiable framework that provides organizations with a comprehensive, flexible, and efficient approach to regulatory compliance and risk management. Convey chose FireMon to help achieve HITRUST CSF as well as alleviate the effort and timeframe of compliance audits through a comprehensive and flexible framework of prescriptive and scalable security controls.
Use Cases
Industry: Hospitality
100%
Automated PCI-DSS compliance
3500
Devices Currently Managed
3x
Room to grow for additional planned devices in the future
The Challenge
The international company lacked the visibility and consistent policy management within its expanding infrastructure necessary to detect and clean up redundant and non-compliant rules, leading to PCI compliance uncertainty for their thousands of worldwide locations.
- Become proactively PCI-compliant through detection and cleanup of redundant, outdated and non-compliant rules
- Gain comprehensive and centralized policy management of all devices including Cisco, Juniper, WatchGuard, Palo Alto Networks, Checkpoint, and SonicWall
- Increase visibility and streamline management of their mixed-vendor environment
- Scale from 100 licensed devices to over 3,000
About the Company
A leading multinational hospitality company that operates, franchises, and licenses lodging including hotel, residential, and timeshare properties.
The Solution
With NSPM from FireMon, the company implemented proactive compliance and gained real-time visibility, control, and management capabilities for all network security devices across its multi-vendor environment.
- Unified management console for their entire mix of firewalls
- Policy standardization and optimization identified and cleaned redundant rules
- Proactive compliance checks and auto-denial of changes that violate PCI-DSS compliance standards
- A flexible framework that will encompass an additional 6,500 firewalls across their environment in the coming years
“Because of our recent acquisition and the large number of new rules we had to review, we knew we had to move fast to become PCI complaint. Thanks to FireMon, rule cleanup was a breeze. Our quarterly audits are now about verifying compliance, rather than discovering violations.”
Manager of IT Security Engineeringfor the selection and deployment of FireMon
Results
- 100% automated PCI-DSS compliance reports across a growing multi- vendor environment
- 3,500 devices currently managed with a plan to scale up to 10,000
- Improved firewall management and reduced security risk through proactive, automated rule validation
- Well-positioned to embrace future enterprise-wide security policy automation
