POS Stations | Cimcor

How CimTrak for POS Works

CimTrak ensures that you have complete visibility and control of changes to these critical devices. Changes, whether malicious or accidental, can lead to a breach of payment card information (PCI) and non-compliance with PCI-DSS. Trust CimTrak to continuously maintain the integrity and security of your point of sale (POS) systems.

File Integrity Monitoring for POS Systems

File integrity monitoring of point-of-sale (POS) systems is a requirement of the payment card industry data security standards (PCI DSS) and is a best practice for ensuring that changes to these systems do not allow a breach of credit card and other customer data. CimTrak is the leader in file integrity monitoring (FIM), pioneering real-time detection of changes in IT systems including point-of-sale systems.

POS systems require file integrity monitoring because these devices are involved in the processing of sensitive credit card information. Changes to the operating system and applications on POS systems can cause system downtime and worse, a credit card data breach. CimTrak's file integrity monitoring solution detects and alerts to changes in real-time while also providing manual or automated remediation capabilities to minimize the window of potential harm.

Get Complete Change Details

CimTrak gives you deep forensic insight into changes that are occurring in your infrastructure. By letting you know “who” made a change, “what” exactly changed, and “when” it changed, users get actionable information, not just an alert that requires time-consuming, manual effort to investigate. Users can even drill down further and get a side-by-side comparison of what a particular file looked like pre-change vs. post-change and zero in on exactly what changed. This extraordinary level of detail saves already stretched IT staff time, money, and frustration by getting to the root of the problem.

Restore File Changes or Prevent Them Completely

CimTrak’s unique architecture gives it the unprecedented ability to go beyond simply change detection. Various modes of operation, including “update baseline,” deny rights,” and “restore,” give users extreme versatility, unlike any other solution in the market.

Users can deploy these modes of operation selectively to monitor a particular file or group of files as appropriate. This granular nature of deployment allows precision monitoring of your unique environment in a way that fits your operational needs.

Extensive Alerting and Reporting Capabilities

With a wide selection of reports that can be scheduled or created on-demand, CimTrak ensures that you have the information you need for auditing, compliance, or change management purposes. With CimTrak’s ODBC driver, data can be sent from the CimTrak Master Repository to any reporting tool that your organization utilizes including Excel, Crystal Reports, or Cognos.

Upon detection of changes, alerts can be sent to the appropriate personnel within your organization. Additionally, change details can be sent to a Syslog server or security information and event manager (SIEM) to assist in the prioritization of risk analysis and threat detection. CimTrak also offers out-of-the-box integration with all major SIEM solutions including HP ArcSight, IBM QRadar, McAfee Enterprise Security Manager, RSA Security Analytics, Splunk, and more!

Restore File Changes or Prevent Them Completely

CimTrak’s unique architecture gives it the unprecedented ability to go beyond simply change detection. Various modes of operation including “update baseline,” deny rights,” and “restore” give users extreme versatility, unlike any other solution in the market.

Log

Changes are logged and alerted and a detailed audit trail is created.

Update Baseline

An incremental “snapshot” of a file or configuration is taken and stored in the CimTrak Master Repository as changes occur. This feature allows for changes between snapshots to be analyzed and the previous baseline to be redeployed at any time with one click.

Restore

Instantaneously reverses a change upon detection. This effectively allows a system to “self-heal.”

Deny Rights

Denies any access to a file. Since CimTrak runs as the local system account, it does not matter what privilege access a user has, access to a file will not be allowed thus denying reads, changes, deletions, or additions.

Proactively Respond to IT Security Threats

When changes occur, CimTrak’s unique ability to take immediate action via the “deny right” or “restore” mode helps to ensure the integrity and security of your business-critical servers and devices. CimTrak protects against external attacks that slip by your perimeter defenses, internal attacks, and occasional accidents that originate inside your corporate perimeter.

While intrusion detection systems and anti-virus are essential, they depend on known attack signatures and are often useless against zero-day attacks, disgruntled employees, or programmer mistakes. CimTrak is not dependent on outside intelligence of new hacker or virus methods.

As cyber-attacks, data breaches, and new forms of malware become more and more prevalent, new methods of defense are necessary. With CimTrak’s powerful and unique modes of operation, you can detect, respond, and recover from changes resulting from malicious or circumvented activities, ensuring your environment is PCI compliant and remains secure as new and evolving IT security threats try to wreak havoc on your IT systems.