PCI-DSS
Satisfy PCI-DSS event log management requirements for Sections 10 and 11 with event log collection, event log monitoring, and file integrity monitoring.
The Payment Card Industry (PCI) is a private industry group set up by the major credit card companies to define the Data Security Standard (PCI-DSS) to prevent credit card fraud, hacking and other security issues.
Organizations that process, store, or transmit credit card numbers must be able to monitor, report, and alert on attempted or successful access to systems that contain sensitive cardholder data.
PCI-DSS Section 10 explicitly calls for the collection and monitoring of event logs:
- Establish a process for linking all access to system components (especially those done with administrative privileges such as root) to an individual user
- Implement automated audit trails to reconstruct events for all system components
- Track and monitor all user activities including user logons, user logoffs, user login failures, user added/deleted/modified, user logon failure/success on VPN servers, and success/failure of critical file access by users
- Record audit trail entries for each event for all system components
- Secure audit trails so they cannot be altered
PCI-DSS Section 11 requires organizations to deploy file integrity software to:
- alert personnel to unauthorized modification of critical system or content files
- perform critical file comparisons at least weekly