|
|
FAQ
- What is the Reliant Security MPS Redbox?
The MPS Redbox is a turnkey solution that merchants can deploy in their retail locations to achieve compliance with PCI Data Security Standards. Its “PCI-in-a Box” approach incorporates a range of system and network security technologies to simultaneously meet PCI technical control requirements.
- What controls does the MPS Redbox provide?
Each MPS Redbox is a Swiss Army knife for store systems security, providing the following critical PCI controls:
.
VPN
.
Firewall
.
IDS
.
Log Collection
.
Rogue Wireless Detection
.
POS System Integrity Management
. Vulnerability Management
- How is the MPS Redbox different from other, more traditional approaches to PCI compliance?
Traditional data security solutions for retail environments typically require a “mini-data center” approach that involves multiple security devices and applications integrated in customized configurations. The MPS Redbox represents an integrated and pragmatic approach to PCI compliance combining software, commodity hardware and virtualization in way that meets PCI compliance requirements at an affordable cost.
- How do I know the Reliant Security system is “PCI Compliant”?
The system has passed several Level 1 PCI Audits where compliance was validated by a QSAC. For more information visit the Compliance Review Section of the Reliant Security PCI Solution Whitepaper.
- Why do you do a store pilot prior to a full scale rollout?
We typically do a store pilot to establish a “gold standard” MPS Redbox build with customer-specific configuration tuning for firewall rules, IP schema, access controls, alerting criteria, etc. We test this build extensively to ensure that it will hold up across all stores in a retail chain. This investment pays significant returns downstream in the project by enabling us to build MPS Redboxes efficiently and minimize (and often eliminate) the involvement on onsite installers.
- How are MPS Redboxes deployed?
Reliant Security has pioneered a remote installation model for the MPS Redbox. MPS Redboxes are shipped pre-configured for “Plug and Play” operation. Once an MPS Redbox is connected to the store network, Reliant Security engineers access it remotely to perform final configuration, POS integration, testing and validation of PCI controls. In many cases, this is done working in conjunction with a store manager or POS support vendor.
- How are MPS Redboxes built and configured for “plug & play” operation?
Reliant Security has built proprietary software to automate the build process for MPS Redboxes and to maintain a database of each individual MPS Redbox configuration. We build approximately 40 MPS Redboxes at a time, which is far more efficient than the traditional method of manually configuring and integrating different types of hardware. Prior to deployment, configurations are shipped to the store site where they are often installed on a “plug and play” basis.
- How are MPS Redboxes managed?
The same tools that enable Reliant Security’s low-cost remote deployment model can be used to improve efficiency of ongoing management. From simple system tweaking such as changes in firewall rules to delivery of new controls through major system upgrades, MPS remote access and management software provide the flexibility to make changes without ever entering the store. The MPS Redbox remote monitoring system provides alerts on a wide variety of system health, configuration and performance status events.
- What is the hardware failure rate and how is hardware break/fix addressed?
Reliant Security recognizes that break/fix support represents a significant portion of merchant’s total cost of ownership and has built a cost-effective model for managing hardware failures in the MPS system management framework. Reliant Security’s statistical analysis of deployments in the field indicates that Rebox hardware will fail at a rate of 2-3% per year. Each individual MPS Redbox configuration is stored centrally and, in the event of a failure, can build a fully configured replacement unit in real-time. This unit is generally shipped to the store where it follows the same plug-and-play deployment model discussed above. For environments that cannot tolerate Next Business Day hardware replacement, a number of faster replacement options exist.
- How does Reliant Security provide support for its MPS Redbox installations?
Reliant Security maintains a help desk to provide support to its customers. Support tickets can be opened online or over the phone. Additionally, Reliant Security can provide ongoing compliance support for its customers including system monitoring, upgrades and configuration changes on a consultative basis.
- What is “audit readiness” and how does the MPS Redbox support this?
“Audit-readiness” refers to maintaining systems in a state where the information required to validate compliance with an IT auditor or senior manager is continuously maintained and updated, so that the environment does not fall out of compliance. Reliant Security designed MPS with audit readiness in mind. A key design objective for all controls provided under the MPS relates to “evidentiary output,” or the extent to which Reliant Security can provide its clients with evidence on the integrity of these controls. The Reliant Security PCI portal will provide this data to IT Managers and Auditors on a secure basis. Additional architectural and design details for the portal can be found in the MPS Architecture.
- What else can an MPS Redbox be used for?
We can make significant customizations to the MPS Redbox architecture by creating new virtual machines for a variety of applications including backoffice systems, payment switches, IP telephony, streaming video and a wide variety of other applications. If you have questions regarding the addition of new applications to the MPS Redbox architecture, please contact us.
|
