A major global finance organisation and highly valued client recently engaged the services of Agenor Technology to deliver a significant project to address critical issues on a key technology platform, and ensure compliance with the latest Payment Card Industry Data Security Standards.
The Payment Card Industry Data Security Standard (PCI DSS) is a complex standard of over 280 controls, introduced in 2005 by the Card Schemes (including Visa and MasterCard), which all organisations that store transmit, or process card data must comply with.
The controls are prescriptive, outlining the minimum requirements to achieve compliance and are designed to protect customers against fraudulent use of their card data. This project was part of a wider security and fraud programme to on-board the in-scope platforms that were identified by a wider governance project.
The Splunk shared service environment is an existing application platform within our clients organisation. We added two pairs of physical Indexers, three search heads and two deployment servers to the existing Splunk Shared services, to accommodate log data from the Project. There were no major application design changes, however changes in the application log settings were required to effectively capture the events in Splunk.
The team successfully implemented the application which securely collects, reformats and deciphers mainframe data and streams it into Splunk:
The team are now exploring other potential uses for the application such as enhanced monitoring of mainframe transactions and capacity. They have also identified previous production incidents that could have been identified at an earlier stage using the application, which would have significantly reduced the impact to customers.
The Agenor Team successfully overcame multiple hurdles to deliver the programme objectives for the client both on time and on budget. Benefits delivered included: