Announcing Card Recon and Enterprise Recon 1.16

Well it’s finally out. Our team has been working hard these past few months to complete this latest release of Card Recon and Enterprise Recon for all to enjoy and we must say, this is no ordinary release. Not only does it include the normal bevy of false positive updates, bug fixes and general improvements that you would expect, it also introduces a suite of major features which we know many of you, particularly those with larger environments, have been asking for.

Deleted Files, File Slack Space and Process Memory Scanning

Some of you may have noticed in the last 6 months we quietly introduced new scanning options for Card Recon to identify unencrypted cardholder data handling within process memory and deleted files that reside on unallocated disk sectors. Version 1.16 expands this capability further by adding detection within file slack space which is useful if you have files containing CHD which scale up and down in size.

Furthermore, we have now taken these features and fully integrated them into Enterprise Recon, enabling detection of cardholder data within deleted files, file slack space and process memory on remote systems where an Enterprise Recon agent is deployed.

Audio File Scanning Support

Do you run a contact centre, pay-by-phone IVR or record calls as part of quality assurance? Many organizations may not realize the impact call recording technologies have on PCI compliance scope, particularly when your customer provides cardholder information whilst the call is being recorded!

If the above scenario describes your situation, this feature becomes very relevant. The Audio File scanning feature enables both Enterprise Recon and Card Recon to detect cardholder data stored as DTMF (touch-button) tones within audio recordings. Try it within your call centre. The findings might surprise you.

Enterprise Recon’s new features

Within this 1.16 release many advancements were made exclusively within Enterprise Recon due to the volume of feature requests Enterprise Recon customers submitted. These include:

Remote File Content Viewer

For some time now we have planned a secure remote file content viewer within Enterprise Recon that functions similarly to the Match Inspector found within Card Recon. The challenge our engineers faced was ensuring the feature does not impact your PCI compliance scope by storing, processing or transmitting cardholder data across the network between the Enterprise Recon Node agent and the Master Server/Reporting Console.

In short, we cracked it and have implemented an approach that dynamically masks the file content at the node before data is transmitted across the network. The result is you can now double-click on any file on a remote host to view the contextual data surrounding a finding without fear of more PCI compliance scope being introduced.

Remote Secure File Delete

To complement the remote file viewer we have bundled in a secure remote delete feature enabling Enterprise Recon administrators to permanently delete files where unencrypted cardholder data has been discovered on a remote system. This feature renders file data permanently unrecoverable should undelete or any other data recovery be attempted.

We believe this feature alone will greatly decrease remediation time to review and permanently delete files storing cardholder data residing across multiple systems on your network.

Active Directory Integration

Enterprise Recon now supports authentication via Active Directory for console users to further enhance interoperability with your central PCI compliance controls including password management and user permission groups. Furthermore, large deployments will benefit from automatic Host Group Assignment using Active Directory host groups already established. This feature is a true time saver for customers with a large number of hosts.

Exchange 2010 Support and Exchange 2003 / 2007 Improvements

Support for identifying cardholder data within Microsoft Exchange mailboxes has been further enhanced with improvements to Exchange 2003 and 2007 database scanning support. This includes thorough scanning of each individual email within a given mailbox including attachments.

To extend on this capability, Enterprise Recon now provides full support for Exchange 2010 databases directly off the file system. This also includes scanning Microsoft backups of your Exchange Database when packaged into a BKF formatted file.

Oracle, DB2, Sybase, Postgres, MySQL and MSSQL via ODBC

You asked. We delivered. Many customers indicated a desire to scan Oracle, DB2 and other enterprise databases. Whilst the existing default method of directly reading supported database file types natively off the disk is highly effective, we understand some still have a requirement to scan live databases via traditional ODBC. For this reason we have introduced ODBC support into Enterprise Recon enabling scanning of 5 additional database types. The compliance report will display a count of all findings including the location within the database where it was found.

Major On-Screen Display Improvements

Since its original release, Enterprise Recon has supported scanning of various database and email formats and displayed a detailed breakdown of locations where cardholder data was found.

Our interface designers have taken this a step further with a rework of the on-screen compliance report interface including the addition of a live file-by-file breakdown and visual data type markers such as email and databases. The updated layout displays a greater amount of information making it easier to understand and establish the true PCI compliance storage risks that exist on a given host.

Download Now

Card Recon and Enterprise Recon version 1.16 are available as a free upgrade for all current license subscribers.

Enterprise Recon users will find the upgrade process simple – just run the updated installer on your existing Master Server. Enterprise Recon will then automatically upgrade all nodes with the scanning engine update. In addition the update must also be installed on any host where the reporting console is installed.

To download the latest version(s) of Card Recon or Enterprise Recon visit http://www.groundlabs.com/support

If you’re considering Enterprise Recon for your own PCI compliance needs please contact us and our team will be happy to provide a free trial.

Cardholder Data Discovery now available on FreeBSD

Ground Labs announced the introduction of support for FreeBSD within Card Recon and Enterprise Recon (node agent) cardholder data discovery products.
Full details are covered in our recent press release that was made in co-operation with the FreeBSD Foundation.

Our thanks go out to Dru Lavigne, Erwin Lansing and the contributing team within FreeBSD who have been 100% supportive of our efforts to create native, dependency-free builds of our software products for this great platform.

The press release can be viewed at the following link: https://www.groundlabs.com/news/card-holder-data-discovery-pci-compliance-freebsd