The Payment Card Industry Data Security Standard (PCI DSS) has been in effect since 2004, but the need for continued compliance strategies is just as important today as when the standards were introduced. 

One of the most important elements of a continued compliance strategy is file integrity monitoring (FIM) for PCI DSS.  File integrity monitoring is specifically mentioned as a compliance requisite. The reason for this is simple: file integrity monitoring helps find and fix vulnerabilities that could be exploited to gain access to sensitive cardholder data.

Recent research notes that 81 percent of businesses in the U.S. and Europe store payment card data, and without the right protection measures in place, this information could be compromised. When it comes to PCI for businesses, file integrity monitoring isn't just necessary, but it is also easier for you to secure your organization's data without having to utilize a lot of resources.


PCI Requirements related to File Integrity Monitoring

PCI DSS is applicable to any organization that accepts, stores, and transmits cardholder data. The reason these standards are in place is clear, as there were 1,579 data breaches in the U.S. alone in 2017, and those resulted in nearly 179 million records being exposed.

By requiring compliance from organizations, following PCI standards can reduce the risk of data breaches, thereby protecting important and sensitive consumer data. Two of the 12 PCI requirements specific involve file monitoring, and they are:

Requirement 10: track and monitor all access to network resources and cardholder data
Specifically, requirement 10.3 says that you must “record audit trail entries for all system components for each event,” including:
  • User identification
  • The type of event and its origin
  • The date and time of the event
  • What data was affected
  • The affected component or resource

However, simply recording audit trails are not enough.

Requirement 10.5: Secure Audit Trail so they cannot be altered

This requirement consists of 5 parts including:

  • 10.5.1 Limit viewing of audit trails to those with a job-related need.
  • 10.5.2 Protect audit trail files from unauthorized modifications.
  • 10.5.3 Promptly back up audit trail files to a centralized log server or media that is difficult to alter.
  • 10.5.4 Write logs for external-facing technologies onto a secure, centralized, internal log server or media device.
  • 10.5.5 Use file-integrity monitoring or change-detection software on logs to ensure that existing log data cannot be changed without generating alerts 
Requirement 11: Regularly test security systems and processes
In particular, requirement 11.5 states that you must deploy a change-detection mechanism (for example, file-integrity monitoring tools) to alert personnel to unauthorized modification (including changes, additions, and deletions) of critical system files, configuration files, or content files; and configure the software to perform critical file comparisons.


File Integrity Monitoring for Businesses

File integrity monitoring may be required for PCI compliance, but it also makes your job a great deal easier by limiting the resources and budget you have to dedicate to data security. Essentially, the purpose of file integrity monitoring is to keep an eye on your systems, software, applications, users, and networks to detect any changes that occur to critical files. In other words, FIM will alert you to any data breach immediately, including malware, zero-day attacks, and internal breaches. By telling you what was altered, when the alteration was made and by whom, file integrity monitoring doesn’t just help you achieve PCI compliance, but it also makes your data more secure and your organization more trustworthy.


The Best FIM Features for Businesses

Organizations need advanced and robust file integrity monitoring systems to meet PCI requirements. Your FIM tool should implement all file integrity monitoring best practices, including that it:
  • Gives you real-time monitoring and detection capabilities
  • Can easily be integrated with virus protection
  • Provides instant notification regarding any changes to your data or systems
  • Generates extensive reports
  • Restores changes immediately to keep critical systems operational
  • Provides suggestions to fix changes
  • Can differentiate between planned and unplanned changes 

Data breaches are, unfortunately, still all-to-common, because even with measures like PCI in place, malicious hackers and criminals are always changing their tactics and finding new ways to access data. Beyond that, however, many organizations that think they're compliant with standards like PCI haven't actually met the requirements, and this leaves their data vulnerable to attacks. But with the right file integrity monitoring system in place, you can rest easy knowing that your organization is fully compliant with two important PCI requirements and that sensitive information that’s been entrusted to you will remain secure.

Download the Definitive Guide to File Integrity Monitoring to learn more today.

file integrity monitoring guide download

Jacqueline von Ogden
Post by Jacqueline von Ogden
June 25, 2018
Since 1999, Jacqueline has written for corporate communications, MarCom agencies, higher education, and worked within the pharmacy, steel and retail industries. Since joining the tech industry, she has found her "home".

About Cimcor

Cimcor’s File Integrity Monitoring solution, CimTrak, helps enterprise IT and security teams secure critical assets and simplify compliance. Easily identify, prohibit, and remediate unknown or unauthorized changes in real-time

Our Top Cybersecurity & Compliance Tools

AI-Powered Compliance Automation Icon
AI-Powered Compliance Automation

Make audit prep hands-off, guaranteed to keep you

Fortify Cybersecurity Posture Icon
Fortify Cybersecurity Posture

Say goodbye to 97% of security alerts, block unauthorized changes across your IT stack.