Secure Data for Compliance and Ensure Brand Reputation

There is a demand in retail to invest continually in technologies such as point of sale, payment card systems, mobile web applications, customer relationship management (CRM), and marketing analytics to better understand and influence customer behavior and build brand loyalty. Retail companies are adopting security strategies to protect critical applications from bad actors and to comply with regulatory regimes such as PCI.


The Illumio Adaptive Security Platform® (ASP) prevents the spread of breaches by delivering real-time application dependency mapping and micro-segmentation. Retail companies use Illumio to protect critical applications by disrupting the lateral movement of bad actors inside data centers and cloud environments.



Achieve compliance and reduce risk

Users deploy environmental segmentation to comply with regulations such as the Payment Card Industry Data Security Standard (PCI DSS) and the Health Insurance Portability and Accountability Act (HIPAA) and global privacy regimes like the EU General Data Protection Regulation (GDPR). Illumio ASP enables users to:

  • Validate the scope of covered systems that map to compliance controls
  • Create rules to detect anomalous behavior and unauthorized and failed connections
  • Enable queries and reports for compliance audits and security investigations

Improve vulnerability and patch management

Illumio ASP overlays third-party vulnerability scan data with application dependency maps to identify an attacker’s potential pathways. This enables users to:

  • Prioritize patching strategy
  • Deploy micro-segmentation as a compensating control
  • Avoid breaking applications by applying the right level of enforcement

Deploy Zero Trust security

Enable micro-segmentation to protect critical systems such as CRM, product design, Active Directory, and cardholder data environments from attacks that move laterally. Users operationalize Zero Trust security by:

  • Gaining real visibility into the environment and understanding of the potential attack surface
  • Creating micro-segmentation policies that follow the workload
  • Continuously detecting for change, unauthorized connection attempts, and policy deviations
  • Encrypting data in motion by policy