Slide 1: Essentials of PCI Assessment: Succeeding with GoGrid and Gazzang
- Paul Lancaster, Manager Cloud Ecosystem, GoGrid
- Mike Frank, Director of Products, Gazzang

Slide 2: About GoGrid
- A leader in the IaaS market
  - The #1 “pure-play” IaaS provider in the world
  - Strong track record of “first-to-market” features
  - World-class platform for infrastructure management
  - Over 10,000 customers across all industries
- GoGrid owns 100% of its IP
  - GoGrid is not a reseller
  - Extensible IP and technology platform
  - Lower cost of goods; margin control
- Recognition quoted on the slide: “Top 10 Best Cloud Computing Providers”, “Market Leader”, “Visionary” (Magic Quadrant), “10 Cloud Computing Companies to Watch”

Slide 3: GoGrid is Driving Cloud Adoption (figure: “Enabling Cloud Adoption”)

Slide 4: Overview (6/21/2011)
- What to expect: preparing for an audit
- The GoGrid and Gazzang combined solution
- Mapping into the 12 PCI sections
- Examples/ideas before your PCI audit
- Q&A

Slide 5: PCI (Payment Card Industry)
- Created by the major credit card issuers to
  - Protect personal information
  - Ensure security when transactions are processed
- Members of the payment card industry are financial institutions, credit card companies and merchants
  - They are required to comply with these standards
- Failure to meet the compliance standards can result in
  - Fines from credit card companies and banks
  - Loss of the ability to process credit cards

Slide 6: PCI DSS
- PCI (Payment Card Industry) DSS (Data Security Standard)
- The PCI assessment process focuses solely on the security of cardholder data
  - Has the company effectively implemented information security policies and processes?
  - Are there adequate security measures that comply with the requirements to protect cardholder data?

Slide 7: PCI Assessments
- Determine whether you are employing payment industry best practices
- Assessments result in recommendations and remediation to
  - Processes
  - Procedures
  - System configurations
  - Vulnerabilities
- In other words, the “fixes” needed to comply
Slide 8: What is Gazzang’s ezNcrypt for MySQL?
- Sits between the storage engine and the file system
- Encrypts data before it hits the disk
(Gazzang - All rights reserved 2011)

Slide 9: Key Storage System (KSS)
- Gazzang’s KSS “service” runs in the GoGrid Clouds East and West
- Currently highly available (uses F5)
- The solution for “Where do I store my key?”
- Multiple layers of security ensure that your key is protected and available when you need it
(© Gazzang, Inc. -- CONFIDENTIAL)

Slide 10: PCI Security Problems Gazzang Helps Solve
- Unauthorized attempts to read data off the database files
- Theft of the data files
- Tampering with data
- Protection of data on tapes and backups
- Data at rest: protecting disks in case physical hardware is stolen or incorrectly disposed of
- Key protection: automated, zero-maintenance key management
- Encrypts, protects and secures MySQL

Slide 11: The PCI “12”
1. Install and maintain a firewall
2. Do not use vendor-supplied defaults for passwords; develop configuration standards
3. Protect stored data
4. Encrypt transmission of cardholder data across public networks
5. Use and regularly update anti-virus software
6. Develop and maintain secure systems and applications
7. Restrict access to data by business need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data
10. Track and monitor all access to network resources and cardholder data
11. Systems should be tested to ensure security is maintained over time and through changes
12. Maintain an information security policy

Slide 12: 1 - Install and maintain a firewall
- GoGrid
  - Fortinet firewall: 100,000 concurrent sessions; unlimited IP addresses in a trusted interface; choice of one VPN (SSL, site-to-site or IPSec); ability to add additional VPNs at any time
  - Cisco ASA 5510 dedicated hardware firewall
- The Auditor will inspect
  - System/firewall configurations
  - Your network diagram

Slide 13: 2 - Do not use vendor-supplied defaults for passwords; develop configuration standards
- GoGrid
  - The root account for the cloud server is assigned a strong password
- Gazzang
  - The MySQL Linux account has a strong initial password
  - Only a local MySQL root is created
  - A strong initial password is enforced
  - The configuration for MySQL is secured
  - Added access file protection
- The Auditor will interview staff, review documentation and view the setup

Slide 14: 3 - Protect stored data
- Gazzang allows you to
  - Encrypt individual tables
  - Encrypt related files (log files)
  - Control who can decrypt the data, beyond normal database and file system protections
  - Manage and secure keys
Slide 15: 3 - Protect stored data: The Auditor
- For requirement 3 the auditor looks at the entire data lifecycle related to card data, authentication data, key management, protecting data, verification codes and much more
- You will need to document, explain and show that process to the auditor
- For requirement 3, sections 4, 5 and 6 are often the trickiest
(Copyright © 2009 Anue Systems, Inc. -- CONFIDENTIAL)

Slide 16: 3 - Protect stored data: Gazzang ezNcrypt helps with access control
- 3.4.1.a: If disk encryption is used, verify that logical access to encrypted file systems is implemented via a mechanism that is separate from the native OS mechanisms

Slide 17: 3 - Protect stored data: Gazzang ezNcrypt helps with secure key management procedures
- PCI 3.6: Fully document and implement all key-management processes and procedures for cryptographic keys used for encryption of cardholder data
- 3.6.1: The auditor can verify that procedures are implemented that require automated generation of strong keys using ezNcrypt
Slide 18: 4 - Encrypt transmission of cardholder data across public networks
- You
  - Verify the use of encryption (for example, SSL/TLS or IPSec) wherever cardholder data is transmitted or received over open, public networks
  - Use MySQL SSL
  - Require SSL connections in the MySQL access control settings for any “remote” user
- GoGrid
  - Provides tools to implement SSL, site-to-site or IPSec VPNs

Slide 19: 4 - Encrypt transmission of cardholder data across public networks: Gazzang
- Cloud data storage sends data across the network to storage
- With ezNcrypt your critical data is encrypted before it moves into the physical file system; all data from ezNcrypt is encrypted across the network or through other devices that could be monitored or tapped

Slide 20: 5 - Use and regularly update anti-virus software
- The Auditor will verify that all OS types commonly affected by malicious software have anti-virus software implemented
- You: make sure AV is set up and deployed properly
- GoGrid: the optional Cisco Adaptive Security Appliance firewall offers anti-virus protection

Slide 21: 6 - Develop and maintain secure systems and applications
- Gazzang helps by adding a new layer of security
  - As-is, the system is more secure
  - You will be downloading the latest MySQL version
  - We will secure the configuration and protect the data and logs
- GoGrid
  - The base GoGrid cloud server images are clean
  - Free from malware or viruses
  - Free from undesirable “products” or “services”

Slide 22: 7 - Restrict access to data by business need-to-know
- Gazzang helps meet this by restricting access using encryption, key control and application-only access controls
  - Linux users can’t read the data; only MySQL can
- GoGrid
  - Strong initial root password
  - Allows customers to manage local server credentials themselves

Slide 23: 8 - Assign a unique ID to each person with computer access
- You need to manage your users
  - Create a unique login for each user with access to the server
  - Create unique accounts within MySQL and Linux
  - Limit access to only what the account requires
- The Auditor
  - Will want reports on each of the systems: who, what, authentication methods
  - Will verify documentation on processes and procedures
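Slides 13, 18 and 23 (requirements 2, 4 and 8) all come down to how the MySQL accounts are created: no vendor defaults, SSL required for every remote login, and one least-privilege account per person or application. The statements below are an added example, not from the deck or from Gazzang or GoGrid, written for the MySQL 5.5/5.6 syntax of the deck's era; the schema name `cardapp`, the view `reports_view`, the account names, the subnets and the certificate paths are all assumed, and the passwords are placeholders.

```sql
-- Added example (not from the deck): MySQL 5.5/5.6 account hardening for
-- PCI requirements 2, 4 and 8. Names, hosts and paths are assumed.

-- Requirement 4 prerequisite: the server must offer SSL before REQUIRE SSL
-- can be enforced. These are my.cnf [mysqld] settings (shown as comments;
-- paths assumed):
--   ssl-ca   = /etc/mysql/ssl/ca.pem
--   ssl-cert = /etc/mysql/ssl/server-cert.pem
--   ssl-key  = /etc/mysql/ssl/server-key.pem
-- After a restart, confirm SSL support is actually available:
SHOW VARIABLES LIKE 'have_ssl';          -- expect Value = YES

-- Requirement 2: no vendor defaults. A stock install ships anonymous
-- accounts; list them and drop each one (the usual one is ''@'localhost').
SELECT User, Host FROM mysql.user WHERE User = '';
DROP USER ''@'localhost';
-- Only a local root should exist. Any row returned here is a root account
-- reachable from the network; drop it with DROP USER 'root'@'<host>'.
SELECT User, Host FROM mysql.user
 WHERE User = 'root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
-- Give the remaining local root a strong, non-default password.
SET PASSWORD FOR 'root'@'localhost' = PASSWORD('<strong-password-placeholder>');

-- Requirement 8: one account per person and per application, limited to
-- what it needs. In 5.5/5.6 the REQUIRE clause belongs to GRANT.
-- Application account: write path on the card-processing schema only,
-- reachable only from the app subnet, and only over SSL.
GRANT SELECT, INSERT, UPDATE ON cardapp.* TO 'cardapp_svc'@'10.0.1.%'
  IDENTIFIED BY '<strong-password-placeholder>' REQUIRE SSL;
-- Named DBA account: the client must also present a certificate issued by
-- the CA above (REQUIRE X509), so a stolen password alone is not enough.
GRANT ALL PRIVILEGES ON cardapp.* TO 'jdoe'@'10.0.2.%'
  IDENTIFIED BY '<strong-password-placeholder>' REQUIRE X509;
-- Read-only reporting account restricted to one view, SSL mandatory.
GRANT SELECT ON cardapp.reports_view TO 'reporting'@'10.0.3.%'
  IDENTIFIED BY '<strong-password-placeholder>' REQUIRE SSL;
FLUSH PRIVILEGES;

-- Requirement 8 evidence for the auditor ("who, what, authentication
-- method"): every account, where it may connect from, and its SSL rule.
SELECT User, Host,
       IF(ssl_type = '', 'PLAINTEXT ALLOWED', ssl_type) AS transport
  FROM mysql.user
 ORDER BY User, Host;

-- Requirement 4 check: a remote account that may still connect without SSL
-- is a finding. This query must return zero rows.
SELECT User, Host FROM mysql.user
 WHERE Host NOT IN ('localhost', '127.0.0.1', '::1')
   AND ssl_type = '';

-- Spot-check from a client session: a non-empty cipher means the current
-- connection really is encrypted.
SHOW STATUS LIKE 'Ssl_cipher';
```

On MySQL 5.7 and later the password and REQUIRE clauses move from GRANT to CREATE USER / ALTER USER, and SET PASSWORD ... = PASSWORD() is no longer accepted, so adjust those three statements accordingly; the two mysql.user checks work unchanged.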
Slide 24: 8 - Assign a unique ID to each person with computer access
- 8.3: Incorporate two-factor authentication for remote access (network-level access originating from outside the network) to the network by employees, administrators and third parties
- GoGrid
  - Provides hardware firewalls that allow for the implementation of site-to-site or IPSec VPNs
  - Two-factor: requiring user/password and certificate

Slide 25: 9 - Restrict physical access to cardholder data
- The 3 Gs: guards, guns and gates
- Access to physical equipment
- GoGrid sets the security bar high in this area
  - GoGrid is a SAS70 Type II certified facility
  - Physical equipment is monitored by guards
  - Access is highly restricted by electronic IDs and other physical means
  - Three forms of authentication are required to get access

Slide 26: 10 - Track and monitor all access to network resources and cardholder data
- You will need to show the auditor that you have the process to collect, track and monitor your environment
- GoGrid tracks and monitors up to the customer's environment
- The Auditor will inspect all of the above

Weitere ähnliche Inhalte

Was ist angesagt?

PCI Compliance Evolved
PCI Compliance EvolvedPCI Compliance Evolved
PCI Compliance EvolvedSafeNet
 
Wave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Wave 14 - Winodws 7 Security Story Core by MVP Azra RizalWave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Wave 14 - Winodws 7 Security Story Core by MVP Azra RizalQuek Lilian
 
How to Simplify PCI DSS Compliance with AlienVault USM
How to Simplify PCI DSS Compliance with AlienVault USMHow to Simplify PCI DSS Compliance with AlienVault USM
How to Simplify PCI DSS Compliance with AlienVault USMAlienVault
 
Cloud Security Introduction
Cloud Security IntroductionCloud Security Introduction
Cloud Security IntroductionGLC Networks
 
Otx introduction sw
Otx introduction swOtx introduction sw
Otx introduction swAlienVault
 
Lets talk about soc2s, baby! BSidesLV 2021
Lets talk about soc2s, baby! BSidesLV 2021Lets talk about soc2s, baby! BSidesLV 2021
Lets talk about soc2s, baby! BSidesLV 2021Wendy Knox Everette
 
Nagios Conference 2014 - Sean Falzon - Nagios as a PC Health Monitor
Nagios Conference 2014 - Sean Falzon - Nagios as a PC Health MonitorNagios Conference 2014 - Sean Falzon - Nagios as a PC Health Monitor
Nagios Conference 2014 - Sean Falzon - Nagios as a PC Health MonitorNagios
 
SafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server EncryptionSafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server EncryptionSafeNet
 
Configuring Data Sources in AlienVault
Configuring Data Sources in AlienVaultConfiguring Data Sources in AlienVault
Configuring Data Sources in AlienVaultAlienVault
 
Cisco cybersecurity essentials chapter - 6
Cisco cybersecurity essentials chapter - 6Cisco cybersecurity essentials chapter - 6
Cisco cybersecurity essentials chapter - 6Mukesh Chinta
 
Database Security, Better Audits, Lower Costs
Database Security, Better Audits, Lower CostsDatabase Security, Better Audits, Lower Costs
Database Security, Better Audits, Lower CostsImperva
 
The Top Cloud Security Issues
The Top Cloud Security IssuesThe Top Cloud Security Issues
The Top Cloud Security IssuesHTS Hosting
 
Database Systems Security
Database Systems SecurityDatabase Systems Security
Database Systems Securityamiable_indian
 

Was ist angesagt? (20)

PCI Compliance Evolved
PCI Compliance EvolvedPCI Compliance Evolved
PCI Compliance Evolved
 
PCI Compliance in the Cloud
PCI Compliance in the CloudPCI Compliance in the Cloud
PCI Compliance in the Cloud
 
Wave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Wave 14 - Winodws 7 Security Story Core by MVP Azra RizalWave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Wave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
 
How to Simplify PCI DSS Compliance with AlienVault USM
How to Simplify PCI DSS Compliance with AlienVault USMHow to Simplify PCI DSS Compliance with AlienVault USM
How to Simplify PCI DSS Compliance with AlienVault USM
 
Cloud Security Introduction
Cloud Security IntroductionCloud Security Introduction
Cloud Security Introduction
 
Otx introduction sw
Otx introduction swOtx introduction sw
Otx introduction sw
 
Lets talk about soc2s, baby! BSidesLV 2021
Lets talk about soc2s, baby! BSidesLV 2021Lets talk about soc2s, baby! BSidesLV 2021
Lets talk about soc2s, baby! BSidesLV 2021
 
Nagios Conference 2014 - Sean Falzon - Nagios as a PC Health Monitor
Nagios Conference 2014 - Sean Falzon - Nagios as a PC Health MonitorNagios Conference 2014 - Sean Falzon - Nagios as a PC Health Monitor
Nagios Conference 2014 - Sean Falzon - Nagios as a PC Health Monitor
 
Database security
Database securityDatabase security
Database security
 
SafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server EncryptionSafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server Encryption
 
Database security issues
Database security issuesDatabase security issues
Database security issues
 
Configuring Data Sources in AlienVault
Configuring Data Sources in AlienVaultConfiguring Data Sources in AlienVault
Configuring Data Sources in AlienVault
 
Windows 7 by microsoft
Windows 7 by microsoft Windows 7 by microsoft
Windows 7 by microsoft
 
SIEM
SIEMSIEM
SIEM
 
Ingres database and compliance
Ingres database and complianceIngres database and compliance
Ingres database and compliance
 
Cisco cybersecurity essentials chapter - 6
Cisco cybersecurity essentials chapter - 6Cisco cybersecurity essentials chapter - 6
Cisco cybersecurity essentials chapter - 6
 
Database Security, Better Audits, Lower Costs
Database Security, Better Audits, Lower CostsDatabase Security, Better Audits, Lower Costs
Database Security, Better Audits, Lower Costs
 
Database security
Database securityDatabase security
Database security
 
The Top Cloud Security Issues
The Top Cloud Security IssuesThe Top Cloud Security Issues
The Top Cloud Security Issues
 
Database Systems Security
Database Systems SecurityDatabase Systems Security
Database Systems Security
 

Ähnlich wie PCI Compliance with GoGrid and Gazzang

Gazzang pci v1[1]
Gazzang pci v1[1]Gazzang pci v1[1]
Gazzang pci v1[1]Gazzang
 
ArchivePod a legacy data solution when migrating to the #CLOUD
ArchivePod a legacy data solution when migrating to the #CLOUDArchivePod a legacy data solution when migrating to the #CLOUD
ArchivePod a legacy data solution when migrating to the #CLOUDGaret Keller
 
CipherCloud for Any App
CipherCloud for Any AppCipherCloud for Any App
CipherCloud for Any AppCipherCloud
 
Hybrid Cryptography Algorithm Based Secured Storage Android App
Hybrid Cryptography Algorithm Based Secured Storage Android AppHybrid Cryptography Algorithm Based Secured Storage Android App
Hybrid Cryptography Algorithm Based Secured Storage Android AppIRJET Journal
 
Cisco cybersecurity essentials chapter - 2
Cisco cybersecurity essentials chapter - 2Cisco cybersecurity essentials chapter - 2
Cisco cybersecurity essentials chapter - 2Mukesh Chinta
 
Simplifying Data Governance and Security with a Logical Data Fabric (ASEAN)
Simplifying Data Governance and Security with a Logical Data Fabric (ASEAN)Simplifying Data Governance and Security with a Logical Data Fabric (ASEAN)
Simplifying Data Governance and Security with a Logical Data Fabric (ASEAN)Denodo
 
Security Best Practices for Your Ignition System
Security Best Practices for Your Ignition SystemSecurity Best Practices for Your Ignition System
Security Best Practices for Your Ignition SystemInductive Automation
 
IBM Share Conference 2010, Boston, Ulf Mattsson
IBM Share Conference 2010, Boston, Ulf MattssonIBM Share Conference 2010, Boston, Ulf Mattsson
IBM Share Conference 2010, Boston, Ulf MattssonUlf Mattsson
 
DG_Architecture_Training.pptx
DG_Architecture_Training.pptxDG_Architecture_Training.pptx
DG_Architecture_Training.pptxTranVu383073
 
HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소GE코리아
 
Pci dss-compliance
Pci dss-compliancePci dss-compliance
Pci dss-compliancefaisal_ss1
 
CSE_Instructor_Materials_Chapter7.pptx
CSE_Instructor_Materials_Chapter7.pptxCSE_Instructor_Materials_Chapter7.pptx
CSE_Instructor_Materials_Chapter7.pptxMohammad512578
 
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...Denodo
 
ClouDoc brochure_eng_20160708
ClouDoc brochure_eng_20160708ClouDoc brochure_eng_20160708
ClouDoc brochure_eng_20160708sang yoo
 
Security Lock Down Your Computer Like the National Security Agency (NSA)
Security Lock Down Your Computer Like the National Security Agency (NSA)Security Lock Down Your Computer Like the National Security Agency (NSA)
Security Lock Down Your Computer Like the National Security Agency (NSA)José Ferreiro
 
Biznet GIO National Seminar on Digital Forensics
Biznet GIO National Seminar on Digital ForensicsBiznet GIO National Seminar on Digital Forensics
Biznet GIO National Seminar on Digital ForensicsYusuf Hadiwinata Sutandar
 
Security hardening and drown attack prevention for mobile backend developers
Security hardening and drown attack prevention for mobile backend developersSecurity hardening and drown attack prevention for mobile backend developers
Security hardening and drown attack prevention for mobile backend developersJiri Danihelka
 
New York Metro ISSA - PCI DSS Compliance - Ulf Mattsson 2009
New York Metro ISSA - PCI DSS Compliance - Ulf Mattsson 2009New York Metro ISSA - PCI DSS Compliance - Ulf Mattsson 2009
New York Metro ISSA - PCI DSS Compliance - Ulf Mattsson 2009Ulf Mattsson
 
Intel software guard extension
Intel software guard extensionIntel software guard extension
Intel software guard extensionDESMOND YUEN
 
IRJET- Securing Cloud Data Under Key Exposure
IRJET- Securing Cloud Data Under Key ExposureIRJET- Securing Cloud Data Under Key Exposure
IRJET- Securing Cloud Data Under Key ExposureIRJET Journal
 

Ähnlich wie PCI Compliance with GoGrid and Gazzang (20)

Gazzang pci v1[1]
Gazzang pci v1[1]Gazzang pci v1[1]
Gazzang pci v1[1]
 
ArchivePod a legacy data solution when migrating to the #CLOUD
ArchivePod a legacy data solution when migrating to the #CLOUDArchivePod a legacy data solution when migrating to the #CLOUD
ArchivePod a legacy data solution when migrating to the #CLOUD
 
CipherCloud for Any App
CipherCloud for Any AppCipherCloud for Any App
CipherCloud for Any App
 
Hybrid Cryptography Algorithm Based Secured Storage Android App
Hybrid Cryptography Algorithm Based Secured Storage Android AppHybrid Cryptography Algorithm Based Secured Storage Android App
Hybrid Cryptography Algorithm Based Secured Storage Android App
 
Cisco cybersecurity essentials chapter - 2
Cisco cybersecurity essentials chapter - 2Cisco cybersecurity essentials chapter - 2
Cisco cybersecurity essentials chapter - 2
 
Simplifying Data Governance and Security with a Logical Data Fabric (ASEAN)
Simplifying Data Governance and Security with a Logical Data Fabric (ASEAN)Simplifying Data Governance and Security with a Logical Data Fabric (ASEAN)
Simplifying Data Governance and Security with a Logical Data Fabric (ASEAN)
 
Security Best Practices for Your Ignition System
Security Best Practices for Your Ignition SystemSecurity Best Practices for Your Ignition System
Security Best Practices for Your Ignition System
 
IBM Share Conference 2010, Boston, Ulf Mattsson
IBM Share Conference 2010, Boston, Ulf MattssonIBM Share Conference 2010, Boston, Ulf Mattsson
IBM Share Conference 2010, Boston, Ulf Mattsson
 
DG_Architecture_Training.pptx
DG_Architecture_Training.pptxDG_Architecture_Training.pptx
DG_Architecture_Training.pptx
 
HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소
 
Pci dss-compliance
Pci dss-compliancePci dss-compliance
Pci dss-compliance
 
CSE_Instructor_Materials_Chapter7.pptx
CSE_Instructor_Materials_Chapter7.pptxCSE_Instructor_Materials_Chapter7.pptx
CSE_Instructor_Materials_Chapter7.pptx
 
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...
 
ClouDoc brochure_eng_20160708
ClouDoc brochure_eng_20160708ClouDoc brochure_eng_20160708
ClouDoc brochure_eng_20160708
 
Security Lock Down Your Computer Like the National Security Agency (NSA)
Security Lock Down Your Computer Like the National Security Agency (NSA)Security Lock Down Your Computer Like the National Security Agency (NSA)
Security Lock Down Your Computer Like the National Security Agency (NSA)
 
Biznet GIO National Seminar on Digital Forensics
Biznet GIO National Seminar on Digital ForensicsBiznet GIO National Seminar on Digital Forensics
Biznet GIO National Seminar on Digital Forensics
 
Security hardening and drown attack prevention for mobile backend developers
Security hardening and drown attack prevention for mobile backend developersSecurity hardening and drown attack prevention for mobile backend developers
Security hardening and drown attack prevention for mobile backend developers
 
New York Metro ISSA - PCI DSS Compliance - Ulf Mattsson 2009
New York Metro ISSA - PCI DSS Compliance - Ulf Mattsson 2009New York Metro ISSA - PCI DSS Compliance - Ulf Mattsson 2009
New York Metro ISSA - PCI DSS Compliance - Ulf Mattsson 2009
 
Intel software guard extension
Intel software guard extensionIntel software guard extension
Intel software guard extension
 
IRJET- Securing Cloud Data Under Key Exposure
IRJET- Securing Cloud Data Under Key ExposureIRJET- Securing Cloud Data Under Key Exposure
IRJET- Securing Cloud Data Under Key Exposure
 

Kürzlich hochgeladen

[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFMichael Gough
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...amber724300
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialJoão Esperancinha
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessWSO2
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 

Kürzlich hochgeladen (20)

[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDF
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
 

PCI Compliance with GoGrid and Gazzang

  • 1. Essentials of PCI Assessment: Succeeding with GoGrid and Gazzang. Paul Lancaster, Manager Cloud Ecosystem, GoGrid; Mike Frank, Director of Products, Gazzang
  • 2. About GoGrid, a leader in the IaaS market: the #1 “pure-play” IaaS provider in the world; strong track record of “first-to-market” features; world-class platform for infrastructure management; over 10,000 customers across all industries. GoGrid owns 100% of its IP (GoGrid is not a reseller): extensible IP and technology platform; lower cost of goods – margin control. Recognition: “Top 10 Best Cloud Computing Providers”, “Market Leader”, “Visionary” (Magic Quadrant), “10 Cloud Computing Companies to Watch”.
  • 3. GoGrid is Driving Cloud Adoption Enabling Cloud Adoption
  • 4. Overview: what to expect – preparing for an audit; the GoGrid and Gazzang combined solution; mapping into the 12 PCI sections; examples/ideas before your PCI audit; Q&A. 6/21/2011
  • 5. PCI (Payment Card Industry): created by major credit card issuers to protect personal information and to ensure security when transactions are processed. Members of the payment card industry (financial institutions, credit card companies and merchants) are required to comply with these standards. Failure to meet compliance standards can result in fines from credit card companies and banks, and in loss of the ability to process credit cards.
  • 6. PCI: PCI (Payment Card Industry) DSS (Data Security Standard). The PCI assessment process focuses solely on the security of cardholder data: Has a company effectively implemented information security policies and processes? Are there adequate security measures that comply with the requirements to protect cardholder data?
  • 7. PCI assessments determine if you are employing payment industry best practices. Assessments result in recommendations and remediation to processes, procedures, system configurations and vulnerabilities: the “fixes” needed to comply.
  • 8. Gazzang’s ezNcrypt for MySQL sits between the storage engine and the file system, and encrypts data before it hits the disk.
  • 11. Key Storage System (KSS): Gazzang’s KSS “service” runs in the GoGrid clouds East and West and is currently highly available (uses F5). It is the solution for “Where do I store my key?”: multiple layers of security ensure that your key is protected and available when you need it.
  • 12. PCI security problems Gazzang helps solve: unauthorized attempts to read data off the database files; theft of the data files; tampering of data; protection of data on tapes and backups; data at rest – protecting disks in case physical hardware is stolen or incorrectly disposed; key protection – automated, zero-maintenance key management. Encrypts, protects and secures MySQL.
  • 13. The PCI “12”: (1) install and maintain a firewall; (2) do not use vendor-supplied defaults for passwords, and develop configuration standards; (3) protect stored data; (4) encrypt transmission of cardholder data across public networks; (5) use and regularly update anti-virus software; (6) develop and maintain secure systems and applications; (7) restrict access to data by business need-to-know; (8) assign a unique ID to each person with computer access; (9) restrict physical access to cardholder data; (10) track and monitor all access to network resources and cardholder data; (11) systems should be tested to ensure security is maintained over time and through changes; (12) maintain an information security policy.
  • 14. 1 – Install and maintain a firewall. GoGrid: Fortinet firewall with 100,000 concurrent sessions, unlimited IP addresses in a trusted interface, a choice of one VPN (SSL, site-to-site or IPSec) and the ability to add additional VPNs at any time; Cisco ASA 5510 dedicated hardware firewall. The auditor will inspect system/firewall configurations and your network diagram.
  • 15. 2 – Do not use vendor-supplied defaults for passwords; develop configuration standards. GoGrid: the root account for the cloud server is assigned a strong password. Gazzang: the MySQL Linux account has a strong initial password; only a local mysql root is created; a strong initial password is enforced; the configuration for MySQL is secured; added access file protection. The auditor will interview staff, review documentation and view the setup.
  • 16. Encrypt related files (log files); control who can decrypt the data, beyond normal database and file system protections; manage and secure keys.
  • 21. 3 – Protect stored data. The auditor: for requirement 3 the auditor is looking at the entire data lifecycle related to card data, authentication data, key management, protecting data, verification codes and much more. You will need to document, explain and show that process to the auditor. For requirement 3, sections 4, 5 and 6 are often the trickiest.
  • 22. 3.4.1.a – If disk encryption is used, verify that logical access to encrypted file systems is implemented via a mechanism that is separate from the native OS mechanisms.
  • 24. PCI 3.6 – Fully document and implement all key-management processes and procedures for cryptographic keys used for encryption of cardholder data. 3.6.1 – The auditor can verify that procedures are implemented that require automated generation of strong keys using ezNcrypt.
  • 26. 4 – Encrypt transmission of cardholder data across public networks. You: verify the use of encryption (for example, SSL/TLS or IPSEC) wherever cardholder data is transmitted or received over open, public networks; use MySQL SSL; require SSL connections in the MySQL access control settings for any “remote” user. GoGrid provides tools to implement SSL, site-to-site or IPSec VPNs.
  • 27. 4 – Encrypt transmission of cardholder data across public networks. Gazzang: cloud data storage in cloud systems sends data across the network to storage. With ezNcrypt your critical data is encrypted before it moves into the physical file system – all data from ezNcrypt is encrypted across the network or through other devices that could be monitored or tapped.
  • 28. 5 – Use and regularly update anti-virus software. The auditor will verify that all OS types commonly affected by malicious software have anti-virus software implemented. You: make sure AV is set up and deployed properly. GoGrid: the optional Cisco Adaptive Security Appliance firewall offers anti-virus protection.
  • 29. 6 – Develop and maintain secure systems and applications. Gazzang helps by adding a new layer of security: as-is, the system is more secure; you will be downloading the latest MySQL version; we will secure the configuration and protect the data and logs. GoGrid: the base GoGrid cloud server images are clean, free from malware or viruses and free from undesirable “products” or “services”.
  • 30. 7 – Restrict access to data by business need-to-know. Gazzang helps meet this by restricting access using encryption, key control and application-only access controls: Linux users can’t read the data – only MySQL can. GoGrid: strong initial root password; allows customers to manage local server credentials themselves.
  • 31. 8 – Assign a unique ID to each person with computer access. You need to manage your users: create a unique login for each user with access to the server; create unique accounts within MySQL and Linux; limit access to only what the account requires. The auditor will want reports on each of the systems (who, what, authentication methods) and will verify documentation on processes and procedures.
  • 32. 8 – Assign a unique ID to each person with computer access. 8.3 – Incorporate two-factor authentication for remote access (network-level access originating from outside the network) to the network by employees, administrators, and third parties. GoGrid provides hardware firewalls that allow for the implementation of site-to-site or IPSec VPNs; two-factor: requiring user/password and certificate.
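The MySQL-side controls the deck asks for under requirements 2, 4, 7 and 8 (no vendor defaults, SSL required for remote users, one least-privilege account per person and per application), as an added example that is not from the presentation or from Gazzang/GoGrid; the database, table, host range and account names are assumed, and the syntax needs MySQL 5.7 or 8.0.

```sql
-- Added example, not from the presentation or from Gazzang/GoGrid.
-- Assumed: database `cardapp`, app servers on 10.0.1.0/24, people named
-- alice (DBA) and bob (reporting). Syntax needs MySQL 5.7 or 8.0.

-- Req 2: remove vendor-supplied defaults. Anonymous accounts, a root that
-- may log in from any host, and the sample `test` database are the defaults
-- an auditor looks for; the local root ('root'@'localhost') is kept.
DROP USER IF EXISTS ''@'localhost', ''@'%', 'root'@'%';
DROP DATABASE IF EXISTS test;

CREATE DATABASE IF NOT EXISTS cardapp;
CREATE TABLE IF NOT EXISTS cardapp.orders (
  id INT AUTO_INCREMENT PRIMARY KEY,
  token VARCHAR(64) NOT NULL,     -- card reference, never the PAN in clear
  amount_cents INT NOT NULL
);

-- Req 4 + 8: one named account per person, and every account that connects
-- over the network must present TLS (REQUIRE SSL). Passwords here are
-- placeholders to be replaced at deployment time.
CREATE USER 'alice'@'10.0.1.%' IDENTIFIED BY 'CHANGE_ME_alice'
  REQUIRE SSL PASSWORD EXPIRE INTERVAL 90 DAY;
CREATE USER 'bob'@'10.0.1.%' IDENTIFIED BY 'CHANGE_ME_bob'
  REQUIRE SSL PASSWORD EXPIRE INTERVAL 90 DAY;
-- The application gets its own account, not a person's login.
CREATE USER 'app_web'@'10.0.1.%' IDENTIFIED BY 'CHANGE_ME_app' REQUIRE SSL;

-- Req 7: grant only what each account needs. No FILE, SUPER, PROCESS or
-- GRANT OPTION for the application, so it cannot read or write server
-- files (LOAD DATA, SELECT ... INTO OUTFILE) or hand out privileges.
GRANT SELECT, INSERT, UPDATE ON cardapp.orders TO 'app_web'@'10.0.1.%';
GRANT SELECT ON cardapp.* TO 'bob'@'10.0.1.%';
GRANT ALL PRIVILEGES ON cardapp.* TO 'alice'@'10.0.1.%';

-- Evidence for the auditor: both queries should return no rows.
-- (a) network accounts that may still connect without TLS
SELECT user, host FROM mysql.user WHERE host <> 'localhost' AND ssl_type = '';
-- (b) anonymous or any-host accounts
SELECT user, host FROM mysql.user WHERE user = '' OR host = '%';
-- And what each account can actually do:
SHOW GRANTS FOR 'app_web'@'10.0.1.%';

-- Server-wide alternative (5.7.8+): require_secure_transport=ON in my.cnf
-- rejects every TCP client without TLS; local socket connections still work.
```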
  • 33. 9 – Restrict physical access to cardholder data: the 3 Gs – guards, guns and gates; access to physical equipment. GoGrid sets the security bar high in this area: GoGrid is a SAS70 Type II certified facility; physical equipment is monitored by guards; access is highly restricted by electronic IDs and other physical means; three forms of authentication are required to get access.
  • 34. 10 – Track and monitor all access to network resources and cardholder data. You will need to show the auditor that you have the process to collect, track and monitor your environment. GoGrid tracks and monitors up to the customer's environment. The auditor will inspect all of the above.
  • 35. 11 – Systems should be tested to ensure security is maintained over time and through changes. GoGrid: images are reviewed and updated regularly; GoGrid allows customers to maintain images of their servers. Gazzang: starts from the GoGrid image and protects MySQL’s files, increasing your security level.
  • 36. 12 – Maintain an information security policy. You: establish, publish, maintain and disseminate a security policy. Auditors will examine this information and see that it addresses all of the PCI requirements.
  • 37. Have your documentation ready: network diagram; PCI policies and standards documentation; antivirus; internal/external scans; logging and monitoring; penetration test results; system configurations.
  • 38. Design a secure system and diagram your credit card data flow: Web Site, Consumer, Card Processing, Merchant Bank, Cardholder Bank.
  • 39. GoGrid Fortinet or Cisco ASA.
  • 48. Create a list: critical hardware and software.
  • 49. Conclusion: there are many steps to PCI; PCI provides the groundwork for broader security “best practices”; Gazzang’s ezNcrypt helps solve some of the more daunting challenges with an easy-to-implement, robust solution; GoGrid provides a secure infrastructure for running PCI. Thanks for your time.
  • 50. Contact information / resources: white paper: http://go.gogrid.com/whitepapers/complying-with-pci; more about Gazzang: www.gazzang.com; more about GoGrid: www.gogrid.com; for more information: info@gazzang.com; contact: mike.frank@gazzang.com

Editor's notes

  1. MICHAEL
  2. MICHAEL: What GG provides: “Multi-faceted infrastructure”