Mapping guides

How FairWarning Maps to PCI DSS

Issue link: https://www.fairwarning.com/insights/i/1104109


FairWarning® Mapping to PCI DSS 3.0, Requirement 10

Requirement 10: Track and monitor all access to network resources and cardholder data

Logging mechanisms and the ability to track user activities are critical in preventing, detecting, or minimizing the impact of a data compromise. The presence of logs in all environments allows thorough tracking, alerting, and analysis when something does go wrong. Determining the cause of a compromise is very difficult, if not impossible, without system activity logs.

According to the Verizon 2015 PCI Compliance Report, PCI DSS Requirement 10 is the second least sustainable requirement for compliance. More than half (54%) of organizations fell out of compliance with requirement 10 when they were reassessed less than a year after being validated as fully compliant.

Section 10.1

PCI DSS 3.0 Requirements: 10.1 Implement audit trails to link all access to system components to each individual user.

Testing Procedures: 10.1 Verify, through observation and interviewing the system administrator, that:
- Audit trails are enabled and active for system components.
- Access to system components is linked to individual users.

Guidance: It is critical to have a process or system that links user access to system components accessed. This system generates audit logs and provides the ability to trace back suspicious activity to a specific user.

FairWarning® Solution: FairWarning® Analytics record and examine all users' access to and activity with any system components. These Analytics are then automated as Enforced Policies to proactively alert users of any activity that is being tracked or audited.

Section 10.2

PCI DSS 3.0 Requirements: 10.2 Implement automated audit trails for all system components to reconstruct the following events.

Testing Procedures: 10.2 Through interviews of responsible personnel, observation of audit logs, and examination of audit log settings, perform the following:

Guidance: Generating audit trails of suspect activities alerts the system administrator, sends data to other monitoring mechanisms (like intrusion detection systems), and provides a history trail for post-incident follow-up. Logging of the following events enables an organization to identify and trace potentially malicious activities.

FairWarning® Solution: FairWarning® Analytics and Reports enable reviewing of information system activity such as audit logs and access reports to reconstruct the required events. FairWarning® Investigations centralize management and tracking of these events and security incidents.

Section 10.2.1

PCI DSS 3.0 Requirements: 10.2.1 All individual user accesses to cardholder data.

Testing Procedures: 10.2.1 Verify all individual access to cardholder data is logged.

Guidance: Malicious individuals could obtain knowledge of a user account with access to systems in the CDE, or they could create a new, unauthorized account in order to access cardholder data. A record of all individual accesses to cardholder data can identify which accounts may have been compromised or misused.

FairWarning® Solution: FairWarning® Analytics record and examine user activity, including any access to cardholder data. These Analytics are then automated as Enforced Policies to proactively alert users of any activity that is being tracked or audited.
