Real Stories of PCI Compliance: Carlson Marketing and CVS Caremark

PCI compliance isn’t easy, but it is important if you’re a retailer processing more than 20,000 transactions annually. Proving compliance affects your profitability, your reputation, and your ability to keep doing business.

Splunk addresses many of the PCI requirements, and has pre-built searches, reports, alerts and dashboards to get you going. You can track a particular transaction across your entire infrastructure, and do it while the auditor is there looking over your shoulder. And perhaps that’s why we’ve had so many IT pros coming to us lately asking about the Splunk solution for PCI compliance.

And as you asked, we’re answering. Next week, we’ve got two events featuring two different customers detailing the challenges with delivering PCI compliance.

First up: Suky Bal, IT Director for Carlson Marketing EMEA. On Wednesday, February 25, he’ll walk us through the PCI process, what a compliance audit entails, and how he couldn’t have done it without Splunk. It’s at 15:00 GMT/ 10:00 am ET/ 9:00 am CT/ 8:00 am MT and that’s right, 7:00 am PT. Indeed it’s a bit early for some of us, so bring your caffeine-powered beverage of choice and questions to keep the energy up and the dialogue interesting. Sponsored by SC Magazine, you can register here. If you can’t make that time, register anyway, and we’ll shoot you a note when the recording is ready.

You’re also invited to join us for SplunkLive in Dallas. Asif Effendi, Manager for Compliance and Governance, Information Security Department at CVS Caremark and Peter Ehlke, Principal Systems Engineer, Architecture Team, from Pegasus Solutions will be our guest speakers. Asif brought Splunk in as a log consolidation tool to meet PCI and customer compliance mandates. They’ve already passed 2 audits. But he’s expanded his use of Splunk to encompass forensic investigations, proactive troubleshooting, and generally credits Splunk with significantly increasing the quality of operations. It’s also Wednesday, Feb 25, at 9:00 am CT at the Cool River Cafe. Register here.

Both Asif and Suky brought Splunk in to specifically deliver PCI compliance. But both have found that Splunk helps them with better visibility, monitoring and reporting across their operations.

You can read more about PCI Compliance on Raffy’s blog post on the topic, or check out the PCI Security Standards Council for additional info and best practices.

Happy Splunking!

Erin Sweeney

Posted by


Join the Discussion