Solidcore Announces First Integrity Monitoring And PCI Compliance Solution For IBM 4690 Retail POS Environments

Solidcore® Systems, Inc., the leader in securing retail and point-of-service systems, recently announced its Integrity Monitoring Solution for IBM 4690 point of sale (POS) environments. The solution is the first of its kind to monitor and alert on changes to IBM 4690 POS Controllers, which provide both the application and operating system images to the client terminals in many of today's retail environments. IBM 4690 systems represent a large install-base of retail POS systems and Solidcore's capabilities for monitoring the integrity of these systems will help retailers using these systems to quickly verify Payment Card Industry (PCI) compliance.

According to Greg Buzek, president of the IHL Group, "IBM 4690 POS terminal sales drove $1.02B in hardware, software, and maintenance in 2007, and there is a significant installed base within the category of superstores/warehouses and mass merchants that rely on this operating system with 64% of the installed base." While IBM 4690 technology has proven itself over time, meeting the intent of PCI compliance across these platforms has been difficult to accomplish. Solidcore's Integrity Monitoring for IBM 4690 provides the visibility, monitoring and audit reporting capabilities that retailers need to fulfill the PCI compliance mandates for alerting personnel to unauthorized modifications of critical system or content files.

"The importance of file integrity monitoring cannot be overlooked when it comes to PCI compliance," said Branden Williams, PCI practice director for VeriSign. "File integrity monitoring is a critical aspect of understanding the changes within payment systems and should be deployed as a best-practice regardless of the version of POS systems or terminals or terminals in use."

Solidcore provides the 4690 Integrity Monitoring solution with two distinct components. The first is the capability to assess a "gold" image of the POS Controller with field deployed images and report on any differences in executables. This feature allows for the creation of executive-level compliance reports that ease the audit process. The second component takes the initial baseline assessment and provides configurable alerting on changes to executables and files. This feature provides information on what is changing and can be a positive means for verifying that authorized changes, such as updated data files for coupon engines and pricing, are properly distributed to the POS Controllers. The retailer or a qualified security assessor (QSA) can provide the assessment and determine what level of granularity to focus on for monitoring authorized and unauthorized changes.

"Providing this immediate assurance that PCI compliance is being met across IBM 4690 environments is essential, and we are pleased to be the first to deliver this solution to retailers," said Anne Bonaparte, president and CEO of Solidcore. "Minimizing exposure to risk during the operational management of these critical retail POS Controllers is a significant reason why our largest customers are standardizing on Solidcore retail solutions in their stores."

These new capabilities are part of Solidcore's POS Check and Control solution, which provides a single interface for integrity monitoring across IBM 4690, Windows or Linux based POS environments. This simplifies the path to PCI compliance for retailers with heterogeneous environments.

About Solidcore
Solidcore is a leader in retail system security, change audit and configuration control. Organizations worldwide trust Solidcore to detect and prevent unwanted change for improving IT compliance, security and availability. Solidcore easily automates PCI controls and is a pioneer in dynamic whitelisting technology for locking down critical systems and preventing unauthorized change events. Solidcore is headquartered in Cupertino, California. For more information, please visit www.solidcore.com.

SOURCE: Solidcore Systems, Inc.