ScriptLogic Solutions Make PCI Compliance Easier For IT Administrators

ScriptLogic Corporation (www.scriptlogic.com), a leading provider of systems lifecycle management solutions for Microsoft® Windows®-based networks, today released the latest versions of two products, Enterprise Security Reporter® 3.7 and File System Auditor™ 2.5, with enhancements that help IT administrators and their companies comply with rules dictated by the Payment Card Industry Data Security Standard (PCI DSS).

To combat security breaches in which customers’ personal and financial data have been compromised, several payment processing companies developed PCI DSS, which establishes common processes and precautions for handling, processing, storing and transmitting credit card data. Several ScriptLogic products assist PCI compliance efforts by closely controlling credit card information or creating reports to demonstrate that controls are in place.

"ScriptLogic’s solutions help IT administrators meet PCI rules, which apply to any company–regardless of size–that processes or handles credit card information,” said Nick Cavalancia, vice president of Windows management, ScriptLogic. "Numerous ScriptLogic customers, including law firms, healthcare organizations and small businesses within other industries have incorporated our solutions into their compliance processes. Today’s announcement brings them new features to simplify those efforts.”

While no single software product can address all PCI compliance requirements, new versions of two ScriptLogic solutions play an essential role in managing internal controls:

Enterprise Security Reporter 3.7: Enterprise Security Reporter, an agent-less reporting solution, audits, analyzes and reports on security settings in Active Directory, Windows file servers, SharePoint® and SQL servers. With a large number of turnkey reports and a wizard-based report designer, IT administrators can quickly and easily generate and customize reports highlighting specific information they need. Enterprise Security Reporter 3.7 features a new report pack that maps more than 60 existing reports to the PCI requirements that they support. The list of reports and related PCI requirements is outlined within a ScriptLogic-authored white paper on PCI Compliance, detailed later in this release.

File System Auditor 2.5: File System Auditor audits and reports on file activity on Windows servers. IT administrators can create formatted reports and alerts showing who touched which files and folders, when and on what servers. File system auditing is a key component of PCI compliance, enforcing such requirements as implementing audit trails of access to cardholder data and deploying file integrity monitoring software. New auditing features of File System Auditor 2.5 include:

• IP Address and Workstation Auditing: to determine which user made a change and where the user was logged in at the time of the change; and,
• Share auditing: to ensure that access to shared folders is maintained by capturing all events related to folders, users that have access and actions within those folders, including deletions and security modifications.

Other ScriptLogic products aid compliance with PCI requirements:

Active Administrator®: To establish proper security in Active Directory and audit usage, IT administrators rely on ScriptLogic’s comprehensive Active Directory management solution, which reduces the complexity of Active Directory security, delegation, group policies and recoverability.

Desktop Authority® and Desktop Authority Password Self-Service: The Desktop Authority product line delivers comprehensive desktop management. Using these products, IT administrators address PCI compliance requirements related to desktop configuration, including using and updating anti-virus software, blocking access to removable storage and devices, testing and applying patches to workstations and servers, locking inactive workstations and establishing password reset parameters.

Security Explorer®: ScriptLogic’s Security Explorer manages access controls and security on Windows file servers, SQL servers and SharePoint servers, making it easy to disable unnecessary services, centrally establish permissions and manage service account passwords, all PCI compliance requirements.

"ScriptLogic’s solutions have been an integral part of our PCI compliance strategy, specifically helping us audit access to servers where consumer data is securely stored,” said Jason Millenacker, network and system administrator for Lighthouse1. "We’ve taken a proactive, comprehensive approach to protecting credit card information for the nearly two million consumers served by our customers, which involves many technologies and ScriptLogic’s solutions as a vital component.”

ScriptLogic Outlines Steps to Assist with PCI Compliance

For more information about the data security requirements set forth by PCI DSS and a detailed description of how to use ScriptLogic solutions to meet those requirements, ScriptLogic’s Nick Cavalancia drafted a product positioning paper, "Implementing PCI Compliance with ScriptLogic.” To download the whitepaper for free, please visit: http://www.scriptlogic.com/Compliance/whitepapers/Implementing-PCI-Compliance-Controls-with-ScriptLogic.pdf.

Pricing and Availability

Enterprise Security Reporter 3.7 and File System Auditor 2.5 are available immediately and priced on a per server basis. Users with active maintenance can receive a free upgrade to either product.

For a comprehensive approach to compliance, ScriptLogic’s File Server Compliance Solution is available at a discounted price and includes Enterprise Security Reporter, File System Auditor and Security Explorer. These products are available in a single download, and a free 30-day evaluation of these and all software solutions from ScriptLogic is available at www.scriptlogic.com.

About ScriptLogic

ScriptLogic Corporation, a wholly owned subsidiary of Quest Software (Nasdaq: QSFT), is a recognized leader in Microsoft Windows systems and security management. Empowering more than 27,000 customers worldwide with the ability to manage the desktop lifecycle, streamline Active Directory management, secure and protect Windows servers, and ease the burden for help desk administrators, ScriptLogic’s award winning solution families can benefit small to enterprise-size organizations in any industry.

For more information on how you can capitalize on your existing IT investments for Desktop Management, Active Directory Management, Windows Server Management and Help Desk Management, please contact us. ScriptLogic is headquartered in Boca Raton, Florida, with offices around the world. You can also reach ScriptLogic at (561) 886-2400 or on the Web at http://www.scriptlogic.com.

ScriptLogic, Active Administrator, Desktop Authority, Enterprise Security Reporter, File System Auditor and Security Explorer and the ScriptLogic logo are trademarks or registered trademarks of ScriptLogic Corporation in the United States and certain other countries. Microsoft, SharePoint and Windows are registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. All other trademarks and registered trademarks are property of their respective owners.