
PCI-DSS Compliance

Reduction in time to produce accurate compliance reports

Shadow rules identified and removed
The Challenge
With over 40 decentralized firewalls and a reliance on time-consuming, error-prone manual processes, Convey Health needed a solution to help ensure it maintained all of its regulatory compliance requirements despite a grueling audit schedule.
The company sought to:
- Achieve HITRUST CSF certification and PCI-DSS compliance
- Conduct a full rule cleanup to remove redundant, overly permissive, and unused rules
- Automate change management processes, clean up rule bases, and improve reporting
- Eliminate error-prone and time-consuming manual processes
The Solution
FireMon added centralized firewall management, real-time visibility, and highly customizable reports to the company’s multi-vendor environment.
- A single-pane-of-glass policy management console for unified policy visibility and management
- Out-of-the-box and customizable compliance assessments, automated rule documentation and reporting, as well as workflows for rule review and recertification
“With FireMon tracking compliance for us, we were able to shrink our overall audit time by two-thirds of our original schedule. Additionally, we were able to clean and push out almost 300 rules that had not been reviewed in over three years.”
Results
- Achieved continuous compliance with automated, real-time checks across 350+ custom controls and regulatory standards
- Eliminated error-prone and time-consuming manual processes
- Gained visibility into real-time network behavior and traffic flow analyses
- Reduced risk by removing redundant, overlapping, or unused rules
- Gained the ability to deploy rules directly to devices with a single click