Crosskey – a Finnish company that develops and maintains its own banking systems and solutions for Nordic banks – is using AlienVault Unified Security Management (USM) for simplified security management of its card payment systems. The company handles the management of more than 3 million banking customers (half of Finland's population) has now gained complete security visibility, meeting important PCI-DSS requirements.
In terms of security, Crosskey had been outsourcing to an MSSP but increasing log volumes made this a challenge that was not cost-effective. In order to achieve PCI- DSS compliance, maintain a broad threat intelligence view and deal with the log increase, Crosskey has taken its security services in-house with AlienVault's Unified Security Management (USM).
AlienVault's USM platform combines five vital security capabilities which along with the threat intelligence and OTX integration gave it the edge over competing solutions.
"Customers expect their financial systems to be secure by default and one of our biggest drivers when searching for an improved security solution for our card payment systems was PCI compliance," explained Kim Halavakoski, CSO, Crosskey. "We needed a solution that would not be resource or cost intensive. By using AlienVault's Unified Security Management platform, with its correlation engine and threat intelligence, we were able to save on both of these fronts while still delivering effective security."
The USM solution provides consolidated log management, security event and incident management, real-time threat analysis, and real-time vent and incident analysis, all with configurable alerting. Allowing Crosskey to improve both its security and visibility, yet use a smaller security team.
Halavakoski expects that in the future, breaches on payment systems will continuously be a problem and "finding badness" from environments will become increasingly difficult. Therefore, security products that incorporate threat intelligence, like USM, will become ever more important.