SOURCE: TriGeo Network Security, Inc.

January 08, 2008 10:00 ET

TriGeo Joins PCI Security Vendor Alliance

Mid-Market Focus Helps Level II and Level III Merchants Comply With Payment Card Industry Data Security Standards

POST FALLS, ID--(Marketwire - January 8, 2008) - TriGeo Network Security, the proactive network defense company, has joined the Payment Card Industry Security Vendor Alliance (PCI SVA), becoming the group's first security information and event management (SIEM) provider to focus on mid-market compliance needs. TriGeo's Platinum Level participation helps its deep financial and retail customer base navigate PCI compliance requirements, and extend those security practices to all confidential data in users' value chains.

TriGeo's membership helps Level II merchants, banks, credit unions and other organizations (those processing between one million and six million credit card transactions annually) quickly gain compliance to avoid fines for missing the December 31st compliance deadline. According to Visa, as of late October only 43 percent of Level II merchants had validated PCI compliance.

"The mid-market faces the same PCI compliance burdens as large enterprises, but has a fraction of the staff and budget needed to identify, evaluate and implement a solution," said Michelle Dickman, president of TriGeo Network Security. "The PCI Security Vendor Alliance plays a crucial role in providing education and information that IT managers need to quickly secure their systems, and best protect customer data."

The PCI SVA supports and develops solutions to meet the 12 requirements defined by the PCI Security Standards Council™ that safeguard sensitive credit card information. The criteria include security processes and detection and reaction measures to minimize the risk of fraud and data breaches. Failure to comply not only exposes critical systems and data, but subjects organizations to fines from credit card companies. Collectively, PCI SVA members deliver compliance solutions to thousands of customers.

According to a September report from VeriSign, "Lessons Learned: Top Reasons for PCI Audit Failure and How To Avoid Them," a majority of audited companies failed nine requirements. TriGeo specifically addresses three of the most problematic:

--  Requirement 10: Track and monitor all access to network resources and
    cardholder data (failed in 71 percent of assessments)
    
--  Requirement 11: Regularly test security systems and processes (failed
    in 74 percent of assessments)
    
--  Requirement 12: Maintain a policy that addresses information security
    (failed in 60 percent of assessments)
    

With the industry's only real-time SIEM solution, TriGeo streamlines PCI compliance of these requirements through hundreds of pre-built rules and reports for data and network protection, and the ability to easily create new rules and reports on the fly. Its appliance documents all machine, user and network activity, along with proactive responses such quarantining, blocking, routing and controlling services, processes, accounts and privileges.

"PCI requirements are the 'how to' guide for data security -- and should be implemented for much more than credit card data," said David Taylor, president of the PCI Security Vendor Alliance. "With an innovative out-of-the-box solution, TriGeo is uniquely positioned to solve many PCI needs and implement security best practices across networks."

About TriGeo Network Security

TriGeo Network Security delivers enterprise security information and event management (SIEM) designed specifically for the needs of the mid-market. TriGeo SIM is the only real-time SIEM appliance that automatically identifies and responds to network attacks, suspicious behavior and policy violations. This award-winning product combines real-time log management, event correlation, USB detection and prevention with powerful active response technology. TriGeo SIM is both a unique network defense technology and an "Audit-Proven" compliance solution that meets the security monitoring and log management requirements imposed by PCI, GLBA, NCUA, FDIC, HIPAA, SOX and more.

TriGeo has hundreds of customers across key vertical markets including financial services, health care, government, utility, retail and media/entertainment. TriGeo SIM has won numerous awards including the 2007 SC Magazine Reader Trust Award, the 2007 Gartner Best Execution of a Mid-market IT Solution, and the SC Magazine Best Buy of 2006 award for Event Management. The Company is headquartered in Idaho and is represented by partners nationwide.

For additional information about TriGeo and its products, services and partners, please contact TriGeo at 1 (866) 664-9292 or at www.TriGeo.com.

About the PCI Security Vendor Alliance

PCI SVA (http://www.pcialliance.org) assists members of the payment card industry, composed of merchants, banks and point-of-sale vendors, in educating the business community on the requirements and business value of the Payment Card Industry (PCI) Data Security Standard, a global benchmark intended to improve security throughout the entire payment card transaction process.

Contact Information