Find out more about us at
www.tandemworld.netSponsored By
Gold Sponsor
NonStop ™ Newsletter for June 2019
Sponsored By
Gold Sponsor
________________________________________
Click an Article to See more
Contents
OmniCloudX accelerates time to market
How can i Provision Users in HPE NonStop System from....
No ................
NSTBC 2019
MultiBatch 9.5 Upgrade
Hand-in-Hand with MOMI at the 2019 NonStop TBC!
Gravic Wins HPE’s Momentum Technology Partner of the Year 2019 Award!
Log Management- Planning Ahead Saves Time and Resources
NuWave On the Road
Big Breaches, Big Data, Big Context.....
Verify Elite: The Complete Solution for File Integrity Monitoring & Compliance
New Content from NuWave
Visit the XYPRO events calendar
OmniCloudX accelerates time to market
Financial Regulators tend to feel nervous about where your data and mine is being stored. All those numbers, accounts, cards, names and other personal information all added up together represent the wealth of the nation and all its citizens.
So when you suggest to these friendly Regulators that we store the entire GDP of the nation in some computer somewhere up there in “The Cloud”, they can tend to feel a little bit nervous. It’s almost the fortress mentality kicking in as our overseers really like the idea of pulling up the castle portcullis to shut off the world if everything for some reason takes a bad turn. After all, Central Banks do tend to have rather thick walls and they plan to keep them that way.
So cloud-lovers will be pleased to hear that we see an increasing trend towards the Private Cloud. The provision of all that infrastructure to meet the needs of business as and when it’s required, but in a TRUSTED and KNOWN location.
We see the same drivers with consumer card payments and the mandate to keep the card payment data processing within the borders of the country. Money makes the world go round for sure, however we want to be sure we can see all the money moving and we need to own it. For our part OmniPayments is seeing a rising amount of interest in the provision of card payment processing switches and gateways deployed in country, but hosted in a private cloud.
The financial metrics make it easier for customers to consume their payments infrastructure as a service.
OMNICLOUDX from OmniPayments is a modern, robust cloud-based implementation of OmniPayments deployed across the globe:
• Rapid deployment and quick-time to market
• Shared financial risk model
• Limited capital investment
• Pay as you go
• Managed service option
• Multi-tenancy
• Multi-currency
• Robust 24x7 availability
• Secure and Stable
• Mobile, QR-code & Card Payments
To learn more, please visit our website at omnipayments.com or contact us at Sales@omnipayments.com
How can I provision users in HPE NonStop system from my identity management system or custom application?
Managing user accounts in HPE NonStop is no easy feat; fortunately, the IdentityForge Connector for HPE NonStop makes it simple.
Enterprises find it challenging to timely provision and de-provision user access to key HPE NonStop systems. This poses 2 major issues:
1. Any delay in creating a user account for a new hire leads to productivity loss and can decrease profitability. 2. Not de-activating an account immediately upon employee departure or termination creates an unauthorized access security risk.
Many enterprises deploy Identity and Access Management (IAM) solutions to solve these challenges only to realize that while these IAM solutions can provide connectivity to a large number of target systems, sometimes they lack connectivity to HPE NonStop.
We’ve built our IdentityForge Connector for HPE NonStop so you can easily integrate HPE NonStop with your preferred IAM solution. The connector is simple to install and can be deployed in hours, not weeks or days. IdentityForge Connector for HPE NonStop can be used for:
• Simplified Password Management: Synchronize Active Directory password with HPE NonStop
• Password Self-Service: Enable employee password reset to reduce helpdesk costs and increase employee productivity
• Mitigate Risk: Disable (or delete) employee accounts when they leave to increase security posture and mitigate the risk of unauthorized access
• Boost Employee Productivity: Create user accounts in HPE NonStop to give employees faster access to the resources needed for their job
• The standard LDAPv3 interface also allows easy integration to any of your custom applications that need to be connected to HP NonStop
For more information, please visit:
https://www.idmworks.com/iam-software/identityforge-connectors/hp-non-stop-connector/
To speak with us about your integration of HPE NonStop, please contact us at +1.888.687.0436 Ext 1 or sales@idmworks.com.
No Smoke ......
No smoke, no mirrors, no snake oil.
Just NonStop Services to suit you.
Make plans to join the global NonStop community for four days of networking and learning with NonStop Engineers, Executives, Partners and Customers:
Registration is open!
Pricing Information:
Early Bird price: $1395 expires October 1st
Regular price: $
1695
Call for Papers is open!
https://www.nonstoptbc.com/call-for-papers
(Deadline for proposals is September 1, 2019)
Hotel info:
Hyatt Regency San Francisco Airport
1333 Old Bayshore Hwy
Burlingame, CA 94010
Phone: (650) 347-1234
Kathy Wood
NonStop Partner SIG/Vendor Chair
kwood@blackwood-systems.com
MultiBatch 9.5 Upgrade
1) Easy to do
As part of the MultiBatch 9.5 release, a menu driven upgrade macro (to accompany the base installation macro) is supplied. The upgrade will convert database files, install new macros, new object files (compatible across H, J, L-series platforms), and update the data definition libraries, all with minimal user intervention.
Insider Technologies is the only company that continues to maintain and improve their batch scheduler solution, when compared to competitor products, which remain static.
2) Backout Capability
Of course, as part of our Quality Management System (QMS), we aim to provide excellent customer service and support and one of these requirements is to allow our customers to backout the upgrade if they do not wish to proceed. Therefore, the upgrade menu includes a backout option where all changes are reverted and the customer can continue to utilise their pre-upgrade version.
3) Benefits
Audited Disaster Recovery log file
All MultiBatch runtime schedules are logged into a TMF Protect Recovery file, which can be replicated to a Standby system.
Therefore, if a system failure occurs, the MultiBatch schedule can be recovered on the new Production system – all by the use of two simple commands. The batch is fully recovered up to the point of failure, with status reporting being supplied to EMS and/or the home terminal, enabling the business to determine the state of their application.
No longer the need to manually check the status of a batch workflow, or document the start, failure, completion of batch jobs on the Production node; just in case a site-swap is required.
StepView
Current and historical runtime history of a complete batch schedule is stored, enabling the business to determine how the batch has performed over say, the past seven days, or on particular days.
MultiBatch Step metrics are captured and presented via the current Metrics List:
and via the historical Metrics List:
CRONTAB Scheduling
Enhancement to the current AT and Every scheduling mechanisms, the new CRONTAB GUI interface enable a wide variety of schedules to be configured for a job.
Mixed Case Parameters
Generally, the MultiBatch environment upshifts any Step Runtime and/or Parameter values.
Version 9.5 enables a user to configure a step to utilise the values as entered in the Pathway or GUI screens, retaining a batch jobs case sensitivity requirements.
4) Support Levels
Well, we have a very knowledgeable Support Desk who know our customers ‘intimately’, shall we say. Our customer response times are on a par with the HPE NonStop GNSC level of support, which is saying something indeed.
Not only is the support desk at a level other product suppliers would envy but Insider has Consultants, Developers and Product Managers who know our customers just as ‘intimately’ and able to assist at a minute’s notice.
Insider Technologies prides itself on the level of support we provide and as for testing our products, then we try and break them as much as possible before they leave the door. We would hate to find a product not functioning as well as expected. We do love however, continual product enhancement and MultiBatch 9.5 is one where customer feedback and our own internal testing and reporting has identified major improvements.
5) Consultants Know Their Customers
We continue to work with our customers and have been doing so for nearly 30 years, regarding them not just as customers but as friends too. We understand their environments and configurations, helping us to provide first class guidance, training and support.
6) The GUI is awesome
No other batch scheduler provides an inherent GUI configuration and monitoring interface.
Further enhancements are underway, never resting on our laurels, as we know that we can continue to improve.
For those who do not wish to use the GUI, then the Pathway block mode interfaces are always available.
7) Some customers do not wish to upgrade
That is understandable. They are content with what they use, so no need to upgrade and avail themselves of product enhancements. Product Support covers old and new releases.
If you would like further information on how MultiBatch can provide your entire mainframe-class batch scheduling requirements, then please contact Insider Technologies Limited:
+44 161 876 6606
Additionally, download our MultiBatch White Paper to obtain an in-depth description on how MultiBatch is the class leader in NonStop batch scheduling:
https://www.insidertech.co.uk/solutions/batch-processing
Hand-in-Hand with MOMI at the 2019 NonStop TBC!
For the first time, BlackWood Systems will be offering private, individual training at the NonStop Technical Boot Camp for our customers and those interested in learning about MOMI.
Since we don't know the Breakout Session schedule yet, we are simply taking names/companies at this time and will be in touch with you to schedule an optimum time for your MOMI training.
This is a great opportunity for you to get everyone 'up to speed' with their MOMI usage!
Registration Info:
https://events.eventzilla.net/e/handinhand-with-momi-at-the-2019-nonstop-tbc-2138750011
About MOMI:
MOMI is the superior real-time tool for monitoring, troubleshooting and diagnosing your HPE NonStop™ System operations:
User Friendly
Budget Friendly
Resource Friendly
Reliable, Technical Excellence and Strong Customer Support
MOMI runs on all NonStop platforms!
602-569-8766
Gravic Wins HPE’s Momentum Technology Partner of the Year 2019 Award!
At the annual HPE Global Partner Summit 2019 in Las Vegas, Gravic, Inc. graciously accepted the Momentum Technology Partner of the Year 2019 Award from Hewlett Packard Enterprise during the Alliances Reception and Awards Ceremony. The HPE Global Solutions Awards recognize HPE Partners for their outstanding performance and accomplishments in driving meaningful business results for shared customers. All of the winning HPE Partner Ready partners were recognized from across the partner ecosystem for outstanding performance, collaboration and accomplishments that raise the standard for business excellence and customer satisfaction.
“It’s an honor to award partners who have excelled in developing their partnerships with HPE and grown mutual business opportunities with collaborative solutions for our joint customers,” said Paul Hunter, Senior Vice President of Worldwide Partner Sales, HPE. “HPE is committed to innovating new solutions and enabling mutual growth together with our partners, and our awards recognize the partnerships, collaborations and successes of our top performing partners.”
After accepting the award on behalf of Gravic, Paul J. Holenstein, Executive Vice President, said, “We are very humbled by this award and want to thank HPE and its product management team, especially Mark Pollans, WW Sr. Product Manager, for working so closely and effectively with us on HPE Shadowbase. We are extremely proud of what we have achieved together this year, and look forward to many business opportunities with HPE in the future.”
Hewlett Packard Enterprise directly sells and supports Shadowbase solutions under the name HPE Shadowbase. For more information, please contact your local HPE Shadowbase representative or visit our website.
Gravic Presents at HPE NonStop Customer Event in Chile
Earlier this month we participated in the HPE NonStop Customer Event held in Santiago, Chile. On Wednesday, attendees enjoyed an official welcoming by Orlando Riquelme and various presentations, including two given by Alfredo Villarroel: NonStop Present and Future and HPE Shadowbase Use Case Solutions and Product Updates. On Thursday, attendees viewed a short NonStop video and other various vendor presentations, and participated in a closing cocktail reception at the Sky Costanera.
If you are interested in discussing our presentations’ content or would like us to present these or other HPE Shadowbase topics to your staff, please contact us. To speak with us about your data replication and data integration needs, please contact us, call us at +1.610.647.6250, or email us at SBProductManagement@gravic.com.
Gravic Publishes Article on How to Successfully Host a Hackathon
Gravic recently published an article, From Hacker to Hackathon – History in the Making! in the May/June issue of The Connection. The article includes highlights from planning, scheduling, coordinating, and hosting our first-ever hackathon, which has now become a highly anticipated annual event. Our employees enjoyed a tremendous team-building experience, were exposed to new ways to solve problems, and learned some exciting concepts. This article also reviews the history of hacking, hacker culture, and how other companies could hold their own hackathons. We would like to thank Gravic’s Learning and Development Committee for organizing this event!
Gravic Publishes Technical Article on Reliability, Availability, and Scalability
Gravic recently published an article, A Modern Look at Reliability, Availability, and Scalability, in the May/June issue of The Connection. Availability and reliability are complimentary measures, and they each deserve equal consideration for mission-critical applications. Enterprises want both 100% availability and 100% reliability but can never achieve 100% for either. Availability is the proportion of time that an application or system is running and properly operating, and is measured in “9’s.” This article explores data integrity as a measurement of reliability, what affects data integrity, and what level of data integrity is needed. In short, businesses with mission-critical applications must seek to drive their Recovery Point Objective (RPO), Recovery Time Objective (RTO), Integrity Point Objective (IPO), and Integrity Time Objective (ITO) all to zero. Next, this series will explore ways to improve reliability, measure IPO and ITO, and explore several new architectures that will yield superior results for mission-critical systems.
Please Visit Gravic at these Upcoming 2019 Events
|
N2TUG Meeting—Dallas, 27 June |
|
KNUG NonStop Technology Day—Seoul, 16 July |
|
TNUG NonStop Technology Day—Taipei, 19 July |
|
ATUG Meeting—Atlanta, 18 September |
|
CTUG Conference—Toronto, 25-26 September |
|
DUST Meeting—Phoenix, 8 October |
|
Connect HPE Technical Boot Camp—San Francisco, 3-6 November |
Log Management- Planning Ahead Saves Time and Resources
“I am too busy to plan!”
It seems like most IT professionals today are so busy keeping up with day-to-day tasks, not to mention myriad unexpected issues that arise; that project planning and time management often take a back seat., Besides, “planning” sounds like such an “open-ended” thing that is frequently deemed a waste of time and lost in the shuffle.
In fact, a little proactive planning could save a lot of time and stress in the future. And it does not have to take up a lot of time, e.g. like planning how to better deal with production issues...
Continue ReadingBlog:
http://blog.ticsoftware.com/index.php/log-management/Product Information:
LogWatchFor more information, please contact
Sales-support@ticsoftware.com or visit our NEW website https://ticsoftware.com---------------------------------------------------------------------------
TIC Software will attend the N2TUG this June 27th, 2019
---------------------------------------------------------------------------------------
Thank You,
Gabriela Claure
TIC Software
Ask TandemWorld
Keep up with us on
Twitter @tandemworld
We are currently seeking skilled resources across the EMEA region,
contact us for More Info
www.tandemworld.net
NuWave On the Road
NuWave has been busy globetrotting to spread the news about REST services. Lately, we've been to NYTUG (New York area Tandem User Group) at HPE in Berkeley Heights, New Jersey (USA); LATUG (Latin America Tandem User Group) in Bogota, Colombia; and ETBC (European Technical Boot Camp) in Edinburgh, Scotland. We're just getting started! You can read up on
the latest HPE NonStop events and find us at the following shows:- June 27th--N2TUG (North Texas Tandem User Group)
- July 15th-16th--KNUG (Korean Tandem User Group)
- July 18th-19th--Taiwan NonStop Event
Big Breaches, Big Data, Big Context - How to Empower the Next Generation of Security Threat Detection
Chief Product Officer & CISO
XYPRO Technology Corporation
It can take months or even years before a data breach is detected. The latest statistics from Ponemon Institute’s 2018 Cost of Data Breach Report outlines that it takes an average of 197 days to identify a breach. That means someone is in your network, on your systems, in your applications for over six months before they’re detected, IF they’re detected. That’s six months! On the higher end of the same report, there are companies that have been breached for years before they realize it. For example, sources indicate the Marriott data breach occurred back in 2014, but it was not disclosed until 2018. The scale of that breach is still being evaluated and it seems to get bigger and more impactful as more information is discovered.
Why is this the case? Most companies have all the hardware and data they need to detect a breach. All of the attackers’ activities are in the audit files, log files and other sources of data required by security frameworks and compliance policies to gather and store. Yet it still takes six months to detect. It all comes down to the data.
In 2019, data is being generated at a volume and velocity never seen before. Some have estimated that we will generate more data this year alone than in the past 5,000 years combined. To put this into perspective,
on a daily basis:
- 500 million tweets are sent
- 294 billion emails are sent
- 4 petabytes of data are created on Facebook
- 4 terabytes of data are created from each connected car
- 65 billion messages are sent on WhatsApp
- 5 billion searches are made
Now factor in all of the network devices, wearables, IoT devices and sensors, cameras, drones, blockchain and everything else, it is easy to see how much new data is being generated. Now pair that with your organization and its infrastructure, applications and people, and it all starts to come together.
Hackers know this. They use this extreme volume of data as cover. If they can be patient and hide their malicious activity in the immense volume of data to make it appear as innocuous user behavior, chances are their activity will go undetected for long stretches of time. It is becoming harder and harder for humans to search through all of this data to find a needle in a haystack while more hay is being piled on.
In 2018, the average cost of a breach was nearly $4 million US dollars. Like an undiagnosed illness, the longer a data breach remains undetected, the more damage it can cause. For larger organizations, that number can be in the tens of millions or larger. For a small business, a data breach could be the difference between staying in business and having to close its doors.
Unfortunately, small businesses are often unaware they’ve been compromised until another party informs them. For example, this can happen if a financial institution discovers a sudden rise in cardholder fraud and traces the source back to a single merchant. More than 70 percent of attacks target small businesses, and an estimated 60 percent of those that experience an attack will likely go under within six months. Businesses that operate in the retail, food and beverage and hospitality industries are the most susceptible to a compromise. One third of small businesses do not have the right tools or resources in place to protect against a breach. Again, attackers know this and use it to their advantage. Small businesses are low hanging fruit, that is why we have seen such a sudden spike in ransomware attacks. The necessary protections are missing, making it far too easy to get in, get the money, and get out. Attackers ask for a ransom that is just large enough to make it worth their time, and damaging enough to make any business owner give security a serious thought.
Beware of the Insider – Everyone Has a Price
How are these breaches occurring?
The same Ponemon study found that a majority of the attacks are from external cyber criminals, but interestingly enough, the next largest percentage was through malicious insiders. These are employees who have responsibilities within an organization who are misusing their trust or access. It’s important to be aware of this type of threat because they are typically very difficult to detect and often take a long time to discover.
The malicious insider threat is hard to detect because we typically trust our employees. If an employee is working with sensitive data as part of their job, it’s very difficult to determine if they are doing anything malicious with the data. Even if you suspect malicious intent, it’s easy for employees to claim that they simply “made a mistake” and get away with it. It is almost impossible to prove guilt in these cases. It’s pretty easy for tech-savvy employees to cover their tracks.
What Motivates the Malicious Insider?
Being aware of certain factors and indicators can help determine if you have a malicious insider threatening your organization.
- Is data being accessed, copied or deleted when there is no business justification?
- Is data being transferred out of the organization through file uploads, email and/or physically on media?
- Are changes to access occurring for file locations or inside of business applications that have no business justification?
- Are deactivated or terminated employee accounts being activated?
- Are unauthorized areas being accessed?
Every one of these activities by themselves could be benign. This is where we need context to help paint a broader picture. Malicious insiders are often driven by greed, anger, lack of recognition, ideology, ego, financial need, compulsive behavior and much more. This is context.
Look at all these different factors, characteristics and behaviors, and then see if a pattern emerges. If could be that they are just ambitious. Context will help you recognize the difference.
What is Context?
Let’s strip away the technology aspect and focus on context itself. Context is any information about any entity that can be used to reduce the amount of reasoning required for decision making. Ultimately context transforms data into hopefully useful information. Context is something we use in every part of our lives, particularly in language. For example, every word in this article is data, and you’re using context provided in this article to transform language into information about context.
In terms of language, there are two types of context: cultural context and situational context. Cultural context consists of attributes such as personal backgrounds and experiences people have gone through, their roots and heritage, the history of themselves, their family, their culture, etc.
Situational context takes into account who is involved in the conversation, the background of the participants and what they bring, the theme of the conversation and where the conversation is taking place. The combination of these types of context markers is what is referred to as universal discourse.
Using another example of context that shows up in our everyday lives, we’re all familiar with those ads that show up on our Facebook feeds after we searched for something on Amazon or Google. It feels like I can simply think of an item and an ad shows up in my Facebook feed. Frightening! How do they do this and target me directly? This is done using years and years of science and data going back to the Mad Men era of advertising. Data is still key, but machines are compiling and contextualizing that data faster than ever before.
Think about it – if you don’t know anything about your audience, it’s extremely complicated if not downright impossible to market to them. The importance of data can’t be overstated.
Big Data is a term that’s been thrown around a lot in the past few years and while AI and Machine Learning are opening up even more avenues for data gathering, the value of data can only be measured by its usefulness. That’s why “intelligent data” is a better way of looking at it.
Using Facebook as an example, CEO MarkZuckerberg knows how old I am, where I live, where I travel, who my family and friends are and my hobbies. At this point he probably knows more about me than I do. All of this information can be used to filter out things that are irrelevant to me, Steve, to focus advertising things that I would find interesting and get me to act, or purchase. The more personal the experience can become, the more inclined I will be to engage with the ad.
Where the Rubber Meets the Road
Context or contextual information is evidence about an entity that can be used to effectively reduce the amount of reasoning required for decision making. This can be done via filtering, aggregation, inference or other like methods. Contextualization excludes irrelevant data from consideration and has the potential to reduce data from several aspects including volume, velocity and the impacts of Big Data.
Generating alerts by simply correlating log data from devices without some sort of validation usually results in an overwhelming flood of alerts. Because the alerts were generated without validation, security teams must manually validate the alerts themselves. Given the number of events your security team has to deal with, you probably can’t afford to spend more than a few minutes deciding if an alert represents a true threat to your organization. This massive backlog of alerts leads to stressed-out security teams. Additionally, many of the alerts are likely to be false positives, as SIEMs are known to flag alerts based on what we call indicators of compromise(IOC), which need further investigation. This approach, in turn, leads to increased mean times to identify, hence the six months it takes to identify a breach.
What are the types of context that need to be considered.
Internal Context: Contextual information is about internal systems, such as the system’s business function, importance, location and what data or assets it houses. Context about internal systems helps an analyst understand if the observed attack is even relevant to the target system as well as help prioritize the incident. For example, is this potential attack against a production server or is it a visitor on the guest network?
External Context: Given that only an IP address is included in the event, external context can help attribute who owns the IP address and its geolocation. Reputable threat intelligence is helpful in understanding more about the attacker, the attacker’s intent and if other organizations have been targeted.
Behavioral Analysis: Historical patterns of the behavior and associations of systems and account help corroborate if the observed activity is malicious or just normal behavior. Incidents unfold over time, involve multiple data sources, and adversaries attempt to ‘live off the land,” meaning they will attempt to hide within authorized administrative tools.
We need to tackle these modern security problems with modern solutions. Based on the volume and velocity of data and the gap in technology, it is too easy for cyber attackers and malicious insiders to hide their activity within normal user behavior. SIEMs are a necessary first step to helping address the challenge, but need correlation technology to piece the data together. This has still left us with a 6+ month mean time to identify. This is where we need to apply other sources of data, or context, to transform our data into actionable information. We use context in nearly every part of our lives and businesses. Applying context to security should not be any different. This will help separate the actionable data from the noise.
Contextualized data improves our decision-making process and reduces operational costs by increasing the efficiency of our resources, both of which will reduce our mean time to identify a breach. This allows us to respond much faster and keep the impact and costs associated with a breach down.
Steve Tcherchian, CISSP, PCI-ISA, PCIP is the Chief Product Officer and Chief Information Security Officer for XYPRO Technology. Steve is on the ISSA CISO Advisory Board, the NonStop Under 40 executive board and part of the ANSI X9 Security Standards Committee. With over 20 years in the cybersecurity field, Steve is responsible for strategy and innovation of XYPRO’s security product line as well as overseeing XYPRO’s risk, compliance and security to ensure the best experience to customers in the Mission-Critical computing marketplace. Steve is an engaging and dynamic speaker who regularly presents on cybersecurity topics at conferences around the world.
Verify Elite: The Complete Solution for File Integrity Monitoring & Compliance
File Integrity Monitoring is an important requirement of the PCI data security standard for securing confidential (e.g., cardholder) information, and is considered a crucial part of protecting business assets.
NonStop systems are now being used in far more dynamic situations and have more external connections than ever before. The ubiquity of payment cards for personal electronic transactions has changed the security equation in a fundamental way.
Any compromise in security is likely to have far reaching consequences, both in terms of financial loss, and for the wider damage to an organization’s reputation. Protecting personal cardholder information is paramount.
In this context, File Integrity Monitoring should be considered an important security necessity, not just for PCI compliance, but in order to preserve the integrity of all NonStop systems.
is a complete NonStop compliance and file integrity monitoring solution from CSP, which continuously ensures that your NonStop System's security meets industry standards and regulations, including PCI DSS, SOX and GDPR.
By performing regularly scheduled compliance checks, Verify Elite's Security Compliance Monitor can ensure your compliance with both regulations and internal security policies.
And by executing regularly scheduled file integrity checks, Verify Elite's File Integrity Monitor can quickly detect if any unauthorized changes occur to selected groups of files.
What’s New in Verify Elite 2.4
Two key new features included in the latest release of Verify Elite are the new “Binder Timestamp” flag for Guardian File Integrity Check and the EMS logging options .
Security Compliance Monitor Key Features
· Pre-built customizable compliance rules
· Detailed reporting on regulatory compliance
· Includes rules for PCI DSS, SOX,
· Customizable reports
· Intuitive GUI makes compliance checking & audit reporting easy
File Integrity Monitor Key Features
· Monitors both Guardian & OSS files
· Meets PCI-DSS regulation 11.5
· Captures file fingerprints
· Full audit reporting capability
· Alerts for unauthorized changes
· Multi-Node Fileset Compare
· Easily integrated with enterprise security tools
Multi-Node Fileset Compare
The regular comparison of filesets across nodes should also be a part of the process to ensure the integrity of your files. For example, files that are replicated to backup environments or remote nodes need to be regularly compared to production files to ensure their integrity.
Verify Elite’s Multi-Node Fileset Compare feature permits the comparison of filesets located either locally or across NonStop nodes. Using the file attribute information, Multi-Node Fileset Compare can compare selected filesets across any two nodes, identifying both the matches and differences between the file attributes in each. If a discrepancy is found, investigation and possible remedial action can then take place.
CSP - Compliance at your Fingertips™
For complimentary access to CSP-Wiki®, an extensive repository of NonStop security knowledge and best practices, please visit
wiki.cspsecurity.comWe Built the Wiki for NonStop Security
®Regards,
The CSP Team
+1(905) 568 - 8900
New Content from NuWave
We've been busy creating new content for your viewing and reading pleasure.
We have new videos of our most recent webinars, including Integrating NonStop with Corda and REST-Enabling BASE24 and Other Payment Engines.
We also have new articles on our NonStop Innovations blog and new short clips like demos and product intros on the NuWave YouTube page.
To stay up-to-date on the latest content from NuWave, just follow us on
LinkedIn or Twitter.
Visit the XYPRO events calendar here to see where we will be and to sign up for free webinars.
N2TUG – Texas/Oklahoma Tandem User Group Meeting
June 27, 2019
Grapevine, TX
2019 PCI SSC North America Community Meeting
September 17, 2019 - September 19, 2019
Vancouver, BC, Canada
ATUG – Atlanta HPE NonStop User Group 2019
September 18, 2019
Alpharetta, GA
September 25, 2019 - September 26, 2019
Mississauga, Ontario
2019 PCI SSC Europe Community Meeting
October 22, 2019 - October 24, 2019
Dublin, Ireland
NonStop Technical Boot Camp 2019
November 3, 2019 - November 6, 2019
Burlingame, CA
2019 PCI SSC Asia-Pacific Community Meeting
November 20, 2019 - November 21, 2019
Melbourne, Australia
+44 (0) 20 8304 7979
Our company, Tandemworld,
accepts no liability for the content of this email, or for the
consequences of any actions
or information provided.
To Unsubscribe or Change your Subscription Please click here