Just flick a switch to protect a server or a point-of-sale terminal. Lavawall™ will check out your network, decide how to best protect your network and send you an email to confirm or customize the settings.
(Lavawall double-checks your identity with Multi-Factor Authentication).
Need help? Just push the help button and certified security experts will call you.
Lavawall ™ instantly protects servers that contain customer data and credit card machines. Lavawall™:
In short, it's instant cyber security that you can plug in and forget about.
If your business relies on cloud services and can't handle an Internet outage, just plug in a cellular USB modem into the Lavawall ™ and it will automatically use cell service if your main Internet connection goes down.*
*Requires additional purchase of cellular modem and data plan or add-on from LavaWall™
Every merchant that accepts credit cards needs to comply with up to 331 cybersecurity requirements. If your credit card terminal or CRM are connected to your network, every machine must be compliant.
Consumer firewalls and routers aren't PCI-compliant and don't meet modern security needs. The Lavawall™ limits the PCI requirements to your terminal and includes required PCI documentation, monitoring, and updates to meet all of your internal PCI requirements.
Version 3 of the Lavawall™ places the same trusted technology in a tiny 5.8cm square package. It includes:
Credit card mode: restricts network traffic between your credit card processor and your credit card terminal or POS for PCI compliance.
Server mode: automatically restricts server connections to authorized workstations and cloud providers. It also prevents unusual data downloads and proactively sends approval requests to easily add new workstations.*
Help Button: sends diagnostic information to ThreeShield, triggers a help email to you with easy links for frequent requests, and a tech support call.*
4G cell backup: with an optional cell modem and SIM card, you can keep working through an Internet outage.*
Network monitoring: optionally get notified when a new machine gets plugged into your secured or external network.**
Anomaly detection: changes in network traffic patterns could indicate a breach or an employee stealing data. We'll actively let you know.**
Ransomware, worm, and hacking detection: if something on your network is checking for vulnerabilities to infect or hack, the Lavawall&trade v3 will detect it and let you know.**
Automatic updates: don't worry about missing security updates.
Automatic configuration changes: when encryption standards evolve, we automatically update the Lavawall™ v3 to meet them.
Two-plug design: For v3, we've done away with the admin port and provide a foolproof solution with only 2 ports: one for the secured device(s) and one for the rest of your network.*
Multifactor authentication: Reports and changes use more than just a vulnerable password to keep your systems safe and comply with PCI and other regulations.*
Easy Power: The Lavawall™ v3 went away with the bulky power adapter from v1 and v2. This device now uses 5V/1A USB power (note: cellular support requires 2A) consuming less than 2W!*
Silent: The Lavawall™ v3 continues our tradition of silent, fanless hardware that you won't even notice while it quietly does its job.
Calgary Foothills Primary Care Network (CFPCN)
Public health network of over 450 member physicians, 250 administrative staff, and 5 directly-managed health clinics
Payment Card Industry (PCI) Compliance to accept credit cards
Lavawall™ devices and managed security service for SAQ B-IP Compliance
Lavawall™ devices were “painless, easy, and unnoticeable”
CFPCN has an efficient IT department that manages its modern, enterprise-grade networking equipment. After a proactive cybersecurity and compliance review showed that credit card machines were on networks that didn't fully meet PCI requirements, CFPCN had three options:
Configure every device on its network to meet compliance requirements.
Configure and regularly update the modern enterprise-grade network equipment to meet credit card compliance requirements and isolate the credit card machines.
Plug in Lavawall™ devices to isolate credit card machines and instantly meet the PCI network compliance requirements without worrying about future update and configuration requirements.
After a comprehensive cost-benefit analysis, CFPCN found that the instant compliance, built-in monitoring, upgrades, and configuration of Lavawall™ devices for its 5 clinics would be more cost-effective than paying internal resources to implement a laundry list of required changes followed by required maintenance.
CFPCN's IT staff plugged in the well-labelled devices during routine clinic visits while the clinics continued to operate as usual. This solution works equally well for large primary care networks with IT staff as it does for small clinics.
Single-location escape room startup with no employees other than the founder (at the time)
Payment Card Industry (PCI) Compliance to accept credit cards
Lavawall™ compliance package for SAQ B-IP Compliance
Lavawall™ devices are “like Magic in a box!”
EscapeOps is a custom-built immersive escape room with one location in Calgary. Like all merchants with a credit card terminal, Escape Ops agreed to comply with PCI requirements when they opened their merchant account. While still under construction, EscapeOps’ founder contacted ThreeShield Information Security Corporation for support completing the PCI Self-Assessment Questionnaire (SAQ) that their new payment processing company requested as part of their PCI compliance requirements.
When we arrived, EscapeOps was like most other small businesses: there weren’t any PCI policies or procedures, and the computer network consisted of a laptop and its Internet Service Provider’s (ISP) integrated high-speed modem and wireless access point. The founder also provided an old router from home that we had hoped to use to isolate the credit card machine so EscapeOps didn’t have to configure all of their computers to comply with credit card rules. This would also allow us to significantly limit the number of PCI compliance requirements down to what is known as SAQ B-IP. Unfortunately, we found a backdoor in the Internet Service Provider’s router and neither the ISP’s wireless router or the router that the founder provided could meet PCI encryption, multi-factor login, monitoring, or other requirements that most home users don’t need.
Our goal was to minimize EscapeOps’ PCI burden and provide a comprehensive solution that wouldn’t require any further thought for Escape Ops so they could focus on their incredible escape room. ThreeShield integrated custom software and configurations into a low-cost router. This fulfilled all of the internal PCI network compliance requirements. This was the birth of ThreeShield’s Lavawall™ version 1. We also developed custom policies, procedures, network documentation, and testing documentation packaged with training, external vulnerability assessments, and updates to provide a comprehensive — and repeatable — solution for PCI SAQ B-IP compliance. This meant that instead of having 331 PCI requirements that applied to every computer and network device, Escape Ops only had 88 and they were all instantly met.
The Lavawall™ and PCI compliance package ended up saving so much time that we were able to cut our PCI SAQ consulting fee in half for Escape Ops. By chance, we had also developed an amazing tool to provide enterprise-grade security to small businesses that need to isolate and secure sensitive systems like a credit card terminal.
EscapeOps’ founder’s description of the service as being “magic in a box” cemented our desire to spread Lavawall™ to other companies. Small businesses shouldn’t have to bother with complicated security configurations that most IT consultants without significant security experience don’t even understand. They should be able to put a magic box behind systems they care about and know that it works while ThreeShield’s Certified Information Systems Security Professionals™ and certified PCI Professionals™ take care of the configurations, updates, and monitoring behind the scenes.
As the Chief Compliance Officer of a payments entity, I have relied on ThreeShield Information Security to provide risk-based solutions that have satisfied regulators and business partners alike. While our Money Services Business is unique in that it supports commerce within virtual worlds and video game environments, the security standards that we have to meet are the same as they would be for any regulated financial institution.
ThreeShield has employed a dynamic, risk-based approach to information security that is specific to our business needs but also provides comfort to our external stakeholders.
I recommend their services.
-Scott Butler, CCO of Tilia Inc.