The Payment Card Industry Data Security Standard (PCI DSS) has been in effect since 2004, but the need for continued compliance strategies is just as important today as when the standards were introduced.
One of the most important elements of a continued compliance strategy is file integrity monitoring (FIM) for PCI DSS. File integrity monitoring is specifically mentioned as a compliance requisite. The reason for this is simple: file integrity monitoring helps find and fix vulnerabilities that could be exploited to gain access to sensitive cardholder data.Recent research notes that 81 percent of businesses in the U.S. and Europe store payment card data, and without the right protection measures in place, this information could be compromised. When it comes to PCI for businesses, file integrity monitoring isn't just necessary, but it is also easier for you to secure your organization's data without having to utilize a lot of resources.
PCI Requirements related to File Integrity Monitoring
PCI DSS is applicable to any organization that accepts, stores, and transmits cardholder data. The reason these standards are in place is clear, as there were 1,579 data breaches in the U.S. alone in 2017, and those resulted in nearly 179 million records being exposed.
By requiring compliance from organizations, following PCI standards can reduce the risk of data breaches, thereby protecting important and sensitive consumer data. Two of the 12 PCI requirements specific involve file monitoring, and they are:
Requirement 10: track and monitor all access to network resources and cardholder dataSpecifically, requirement 10.3 says that you must “record audit trail entries for all system components for each event,” including:
- User identification
- The type of event and its origin
- The date and time of the event
- What data was affected
- The affected component or resource
However, simply recording audit trails are not enough.
Requirement 10.5: Secure Audit Trail so they cannot be altered
This requirement consists of 5 parts including:
- 10.5.1 Limit viewing of audit trails to those with a job-related need.
- 10.5.2 Protect audit trail files from unauthorized modifications.
- 10.5.3 Promptly back up audit trail files to a centralized log server or media that is difficult to alter.
- 10.5.4 Write logs for external-facing technologies onto a secure, centralized, internal log server or media device.
- 10.5.5 Use file-integrity monitoring or change-detection software on logs to ensure that existing log data cannot be changed without generating alerts
Requirement 11: Regularly test security systems and processesIn particular, requirement 11.5 states that you must deploy a change-detection mechanism (for example, file-integrity monitoring tools) to alert personnel to unauthorized modification (including changes, additions, and deletions) of critical system files, configuration files, or content files; and configure the software to perform critical file comparisons.
File Integrity Monitoring for BusinessesFile integrity monitoring may be required for PCI compliance, but it also makes your job a great deal easier by limiting the resources and budget you have to dedicate to data security. Essentially, the purpose of file integrity monitoring is to keep an eye on your systems, software, applications, users, and networks to detect any changes that occur to critical files. In other words, FIM will alert you to any data breach immediately, including malware, zero-day attacks, and internal breaches. By telling you what was altered, when the alteration was made and by whom, file integrity monitoring doesn’t just help you achieve PCI compliance, but it also makes your data more secure and your organization more trustworthy.
The Best FIM Features for BusinessesOrganizations need advanced and robust file integrity monitoring systems to meet PCI requirements. Your FIM tool should implement all file integrity monitoring best practices, including that it:
- Gives you real-time monitoring and detection capabilities
- Can easily be integrated with virus protection
- Provides instant notification regarding any changes to your data or systems
- Generates extensive reports
- Restores changes immediately to keep critical systems operational
- Provides suggestions to fix changes
- Can differentiate between planned and unplanned changes
Data breaches are, unfortunately, still all-to-common, because even with measures like PCI in place, malicious hackers and criminals are always changing their tactics and finding new ways to access data. Beyond that, however, many organizations that think they're compliant with standards like PCI haven't actually met the requirements, and this leaves their data vulnerable to attacks. But with the right file integrity monitoring system in place, you can rest easy knowing that your organization is fully compliant with two important PCI requirements and that sensitive information that’s been entrusted to you will remain secure.
Download the Definitive Guide to File Integrity Monitoring to learn more today.
June 25, 2018