HPE NonStop News
Save The Date!
Mark your calendars for the 2019 NonStop TBC on November 3 - 6, 2019 at the Hyatt Regency SFO hotel in Burlingame, CA.
NonStop TBC 2018 Presentation Downloads are here!
XYPRO XYGATE® Identity Connector for HPE NonStop, Certified for CyberArk®
One of the largest security risks to any organization is stale privileged accounts or the misuse, compromise or sharing of those accounts. Privileged accounts have elevated access to perform administrative type functions. They can be administrator accounts, service accounts, firecall or emergency accounts, database connection accounts, application accounts among others. Most of these accounts were set up ages ago when an application or system was deployed. They typically have multiple integration points. Because of the risk of “breaking something”, the passwords for these accounts are rarely rotated, likely shared and improperly stored. According to the Varonis 2018 Global Data Risk Report – 65 percent of companies have over 500 accounts with passwords that are never rotated. These accounts have a higher likelihood of showing up in online password dumps with valid passwords. Privileged and service accounts with non-expiring passwords are a cyber criminal’s best friend. Ensuring these passwords are stored properly, changed regularly, meet complexity and compliance requirements, and are audited can be overwhelming to manage. Current processes for requesting and managing access to privileged accounts are manual, complex, and frequently do not map to the core business initiatives. Governance is often an afterthought, leaving many enterprises vulnerable to increased security risks and potential non-compliance with external regulations or internal corporate mandates.
To address this need, XYPRO has partnered closely with CyberArk and our customer base to deliver the only supported CyberArk integration for the HPE NonStop server. XYPRO’s XYGATE Identity Connector, certified by CyberArk, bridges the gap between identity governance and enterprise privileged credentials management for the HPE NonStop server.
How to Prove your Target Matches the Source in an Audit – and Not Panic!
If you (or your boss!) worry even a little bit at the thought of your databases being out of sync, then HPE Shadowbase Compare for NonStop databases is for you. Oversight for replication products and business continuity is critical and requires independent methods to ensure the consistency between databases even while they are open by the application and actively being updated. HPE Shadowbase Compare provides proof for regulatory data validation compliance and auditors, and can also correct SQL databases via its Repair feature when data discrepancies are found (by using several different methods).
HPE Shadowbase Compare/Repair can be used:
On any two copies of NonStop files or tables
To run independently of any replication product
To allow both the source and target to remain open for updating
As part of a customer solution to help satisfy regulatory and audit requirements for data verification
For more information, please visit: https://www.shadowbasesoftware.com/utilities/compare/
Lusis Payments has reserved the dates of March 19th to March 21st for presentations of our successful TANGO Webinar Series. We invite you to take advantage of this opportunity to learn more about TANGO-our award winning, mission-critical, transaction processing software solution for acquiring, routing, switching, authenticating and authorizing payments across multiple channels including ATM, POS, eCommerce, Prepaid and Mobile.
Learn how TANGO:
Offers flexible architecture and scalable performance
Is the most cost effective long term payments solution on the market
Has been chosen by companies worldwide because of its performance and hardware agnostic capability
Surpassed 10,000 TPS
March 19th - 21st (Tues – Thu)
Select date and times are available.
Please choose one suitable for you.
Presented by: Ki Roth
Head of Business Development, Americas
HPE NonStop at the centre of Data-centric enterprise data protection
Data breach attempts have become, unfortunately, a daily event for almost any organization that processes valuable data and pose a significant threat to many businesses. Increasing pressure from ever-tighter data privacy rules and regulations (PCI, HIPAA, GDPR) combined with painful fines for non-compliance put the spotlight on enterprise data protection.
If you look at the kind of applications that run on HPE NonStop systems, it quickly becomes clear that high volumes of mission-critical, sensitive data are routinely processed on HPE NonStop. The majority of payment transactions (think PANs) around the world touches a NonStop system at some point in the payments value chain and it is this PAN data that needs to be protected effectively.
The perimeter and layer defences which companies used to put in place to deter or fend off malicious attackers do not work anymore. As news headlines continue to demonstrate, attackers are still getting through. Organizations need to protect sensitive data when stored in files, database tables, or anywhere on NonStop systems. Only data-centric protection ensures that the data itself is protected and not left in a vulnerable state. Effective data-centric protection reduces your risk of data exposure and minimizes the need for compensating controls when reviewing data protection regulations.
Good data protection practices (the ‘golden rules’ of data security if you like) say that you need to protect your data as early as possible and unprotect it only if necessary. This really puts HPE NonStop and the (payment) data being processed and stored at the centre of an effective enterprise data protection strategy. At the same time, it makes HPE NonStop systems the obvious starting point for any data protection project.
But how do you secure your business and how do you protect your mission-critical data?
A new article and a new way to innovate, now available on the NonStop Innovations Blog.
The Insider Technologies approach to Security Risk Management provides a proactive monitoring solution for organisations of all sizes, assisting them with improved security management of their IT enterprise.
A key differentiator between Sentra Security Monitoring and other products is that Sentra can search for patterns of behaviour. For example, a single failed logon may not appear to be significant but when a cluster of events occur within a specific time period, then Sentra can alert you to the possibility of a concerted “brute force attack”.
Sentra provides a cross-platform Security Risk Management solution, enabling you to monitor, track and report on any security risks occurring within your enterprise and applications.
Various browser ‘layers’ can be created to display the overall organisational infrastructure and lying beneath a top-level view, other diagrams exist which represents components such as networks, databases and servers.
These browser views ideally should be ‘incident’ free, i.e., no alerts.
However, if an alert does occur, then by simply drilling down to the underlying issue, you can interrogate the problem in more detail.
Further information can be found on here, how we can help you navigate and resolve your security fears.
Compliance Issues with File Integrity Monitoring?
How One Financial Institution Solved Theirs with CSP
File Integrity Monitoring is an important requirement of the PCI data security standard for maintaining confidential (e.g., cardholder) information, and is considered a crucial part of protecting business assets.
NonStop systems are now being used in far more dynamic situations and have more external connections than ever before.
In this context, File Integrity Monitoring should be considered an important security necessity, not just for PCI compliance, but in order to preserve the integrity of all NonStop systems.
Learn how one financial firm improved their file monitoring process with CSP
Read the full article at CSPSecurity.com
For more information on CSP solutions visit www.cspsecurity.com
For complimentary access to CSP-Wiki®, an extensive repository of NonStop security knowledge and best practices, please visit wiki.cspsecurity.com
We Built the Wiki for NonStop Security ®
Southern California - SCNUG
Southern California Tandem User Group Chapter Meeting
May 2, 2019
7th Floor, Surf City Room
2677 N. Main Street
Santa Ana, CA 92705
For more info: SCNUG@outlook.com
Save the date! LATUG 2019
We're excited to announce one of the premier NonStop events in Latin America is back! Join us for LATUG 2019 in Bogota, Colombia during May 2nd and 3rd. It will be 2 days filled with conversations and learning about where NonStop is and will be heading in the future in this important market with incredible growth potential. Customers from the payments, banking and other important industries from Latin America will be there. Did we mention there will be arepas? ¡Los vemos pronto!
Save the Date!
European NonStop Technical Boot Camp
13-15 MAY 2019
Venue: Sheraton Grand Hotel, Edinburgh
Special early bird registration now open