Policy Minder Helps Amway Remove the Guesswork from PCI Security Compliance


Amway is a privately held business with locations in 80 countries. As a global leader in the health and beauty field, the company offers opportunities that help people develop businesses of their own based on retailing health, beauty, and other consumer products. 

The Challenge: Protecting Data and Complying with PCI

A top concern at Amway is system and data security. When faced with Payment Card Industry (PCI) compliance, Amway decided to use it as an opportunity to see how well its security configurations compared to industry best practices.

They discovered that because of their dynamic environment and growing number of systems, Amway needed to automate the management and repair of user profile settings, library authorities, file authorities, directory authorities, and system values. This step was necessary to ensure the company would remain compliant with its security policy and, by definition, the PCI standard.

"Keeping track of who has access to company systems and data is a priority at Amway," said Steve Mulder, Amway’s lead systems support specialist. "Over time, it becomes very difficult to manage a system like ours as it grows. We need to see the exceptions, not the list of things that are normal."

The Solution: Monitor IT Security with Policy Minder

Amway needed a security administration software and services solution. Mulder checked out Policy Minder and soon realized Policy Minder could automate the security administration of the system, covering all the areas of concern Amway outlined and more. Amway deployed Policy Minder to track changes and make sure everything stays in compliance with security policy.

One example of what Policy Minder does for Amway is keeping track of the security configuration of sensitive files. Policy Minder runs daily and makes sure ownership, authorities, and other security attributes are all in compliance with policy. Changes to security attributes are a common problem on large and complex systems like Amway, which has with hundreds of users and workloads running on different platforms.

The Results: Doing More with Less by Focusing on Exceptions

Policy Minder automates security policy compliance and delivers comprehensive security administration functionality, reducing the hours of labor-intensive analysis required in the compliance process.

"Policy Minder reminds me of any policy exceptions every day, so nothing slips through the cracks," Mulder said. "We're doing more with less, and we don’t want to go looking for the problems, we want them to come to us. Policy Minder accomplishes that for us."

Manage Your Security Policy Effectively

Maintain compliance, identify vulnerabilities, and ensure consistency in your organization's cybersecurity goals. Check out Policy Minder in action.