LateRooms.com, an online accommodation website, has purchased Tripwire VIA, an IT compliance automation software suite which combines and integrates the Tripwire Enterprise and Tripwire Log Center software to provide visibility, intelligence and automation across its IT.
Tripwire VIA will enable LateRooms to ensure customer data security and compliance with the Payment Card Industry Data Security Standard (PCI DSS) and maintain continuous compliance across multiple regulatory standards whilst reducing the time and cost associated with audits. The software will also help ensure that effective security measures are in place around all LateRooms’ files, servers and network products which hold data pertinent to PCI-DSS.
Manchester based LateRooms offers accommodation in over 30,000 properties, ranging from budget bed and breakfast through to luxury five star hotels across the UK and Europe. Processing well over three million transactions per year and with total transaction value in 2008 hitting £172 m, compliance with payment card and security standards is essential.
Gavin Hamill, IT Manager for LateRooms says: “Protecting customers’ card details is vital for our business and something that we take extremely seriously. Therefore, we were keen to work with a vendor who has a comprehensive solution and an established and proven reputation in the regulatory compliance infrastructure space to ensure that our customers are never at risk.”
Hamill adds: “Working with Tripwire, we are able to achieve two key things: firstly, ensuring that LateRooms has systems which are fully compliant with PCI DSS standards. Secondly, we will have copies of the configuration files available any time a change is made. To ensure our systems are secure it is important that we have access to and visibility of all changes that take place so that we can identify unauthorised changes easily.”
Tripwire Enterprise and Tripwire Log Center products allow the IT department to manage systems to internal and external policies – across the heterogeneous data centre – from a single point of control. Rob Warmack, Senior Director of International Marketing at Tripwire comments, “Unauthorised changes, whether accidental, benign, malicious or originating from inside or outside the organisation, can compromise consumer data security and customer confidence and loyalty.”
Warmack adds: “Tripwire products enable companies to log, analyse and remediate issues that may otherwise go unnoticed. This enables LateRooms to continually improve its data protection whilst also satisfying file integrity monitoring, change control and log management requirements outlined in the PCI DSS. For an online company like LateRooms, that is wholly reliant on credit and debit card transactions, the importance of being certified as PCI compliant cannot be underestimated.”
