CimTrak helps you meet the PCI data security standard both by providing you with the industry leading change detection mechanism (file integrity monitoring) and configuration management solution. Payment card industry data security standards specifically call for file integrity monitoring (PCI 10.5.5 and PCI 11.5) to be deployed as well as the monitoring of critical network device configurations (PCI 1.1.1) such as those on firewalls. CimTrak not only covers these payment card industry standards but also gives you the ability to audit a large number of configuration settings against industry benchmarks and PCI data security standards.
Because seconds count when it comes to detecting change in a PCI environment, CimTrak detects changes, monitors file integrity in real-time, and notifies you immediately upon a change being detected. Further, CimTrak allows you to take immediate remediation action upon a detected change up to and including automatically restoring a file or device configuration back to its’ original state. With CimTrak, you can feel confident that your PCI environment is protected.
It is important to remember that PCI compliance should be viewed as a “snapshot” in time. Just because you are compliant at this very minute, there is no guarantee that a change will cause you to become non-compliant, or worse, allow a data breach to occur. CimTrak works to help you continuously maintain compliance once you are certified. Continuous compliance keeps bad things from happening, and bad things cost your business not only cold hard cash, but also loss of customers and reputation.
Meeting PCI-DSS Requirements 10.5.5 and 11.5 with CimTrak
While CimTrak can help your achieve compliance with a number of PCI-DSS requirements, two sections, PCI 10.5.5 and PCI 11.5 specifically call for a file integrity monitoring solution such as CimTrak to be deployed.
PCI 10.5.5: "Use file-integrity monitoring and change detection software on logs to ensure that existing log data cannot be changed without generating alerts."
PCI 11.5: "Deploy file-integrity monitoring software to alert personnel to unauthorized modification of critical system files, configuration files, or content files, and configure the software to perform critical file comparisons at least weekly."
The goal of PCI 10.5.5 and PCI 11.5 is to ensure the integrity of critical logs from the PCI environment and to ensure that changes to files do not allow a breach of PCI data. While PCI 11.5 calls for file-integrity monitoring software such as CimTrak to look for file changes at least weekly, true integrity of your PCI environment requires much more frequent monitoring. CimTrak provides real-time file integrity monitoring (FIM) without taxing your system resources.
This allows you to exceed the minimum frequency for file-integrity monitoring called for in PCI 11.5 and give you added piece of mind that your PCI environment is secure and in a state of constant integrity. PCI 11.5 also discusses the importance of regularly monitoring the output of your file integrity monitoring (FIM) solution. CimTrak makes it easy by providing complete reporting on changes as well as critical configurations.
CimTrak covers broad array of systems in PCI environments including servers, network devices, critical workstations, and even point of sale (POS) systems. Whether you’re a small retailer or a large payment processor, CimTrak can help you!