Freely subscribe to our NEWSLETTER

With financial institutions and high-street banks comprising the company’s core customer base, WhiteConcierge needed to protect the data they were dealing with to an extremely high level. They sought a Network Access Control (NAC) solution to gain further visibility and control over access to network resources and sensitive data.

Ben Sewell, head of Information Security & Technology at WhiteConcierge, said, “We chose ForeScout CounterACT as it ticked all the right boxes in helping us to achieve certain elements of PCI DSS Level 1 compliance. Also, unlike the other NAC products we looked at - including Cisco - ForeScout CounterACT provided the flexibility we demanded to fit our network environment and was easy to administer, which kept staff training time to a minimum. It has also helped us enormously in automating security policies and allowing us to draw excellent reports, which clearly explain, and demonstrate, our level of compliance.”

WhiteConcierge deals with all major cities around the world to satisfy diverse requests from the banks’ high net worth customers. Projects range from sourcing a camel for an Arabian-themed party in Zurich, to arranging a temporary passport and other critical documents for an executive whose handbag was stolen during a business trip to Morocco. Fast and secure cardholder data delivery is essential to implement such activities for people whose most important commodity is time, rather than money.

“It is not a legal requirement for WhiteConcierge to be a PCI DSS Level 1 compliant merchant - nor is it an easy thing to do - but we chose to be, to show customers how committed we are to protecting their data. ForeScout CounterACT is therefore helping us to be at the forefront of our industry, and I can honestly say that we couldn’t do without it,” commented Sewell.

He added, “We were surprised by the fact that ForeScout CounterACT provides advanced intrusion prevention and active defence mechanisms - to the point where it could easily be our primary IPS product, supporting our layered network security environment. Our QSAs, who are extremely stringent, have also been really impressed with the ForeScout CounterACT platform, saying that it oversteps traditional NAC boundaries and provides more integrated and extensive network and endpoint security defences.”

Examples of the PCI DSS Level 1 requirements that ForeScout CounterACT is helping WhiteConcierge to achieve:

PCI requirement 1 is to “Install and maintain a firewall configuration to protect cardholder data.” ForeScout’s support of PCI monitors the firewall function by detailing all actual access made to the Card Holder Data Server Zone.
PCI requirement 7 is to “Restrict access to cardholder data by business need-to-know.” ForeScout CounterACT identifies users attempting to access cardholder information which they are not granted access to by their Active Directory group.

PCI requirement 11.4 is “A list of detected malicious activity.” Using ForeScout CounterACT, a pre-defined action is available in the policy to automatically send an email to the administrator when a malicious activity is detected. ForeScout’s patented ActiveResponse function can be set to automatically block malicious sources.

PCI requirement 12 is “A policy with a pre-defined action for exposing users to company policies on a regular basis.” With ForeScout CounterACT, a pre-defined action is available to hijack hosts and require users to confirm that they have read the relevant company policy.

“Over and above solving WhiteConcierge’s original pain point of supporting PCI DSS Level 1 compliance, ForeScout CounterACT also enables improved visibility of endpoint devices, strong reporting and bolstered network security infrastructure for them,” said John Hagerty, EMEA sales director at ForeScout. “I am delighted that we have helped WhiteConcierge on so many levels, and we look forward to evolving with them as their innovative, and fascinating business continues to grow.”