Tools for Logging in PCI

- PCI calls for tying the actual users to all logged actions.

- All time on the in-scope systems should be synchronized.

- The CIA of all collected logs should be protected.

- Logs should be regularly reviewed; specific logs should be reviewed at least daily. Automation of such review is not only acceptable, but desirable, since manual review is guaranteed to fail (on high-volume networks)

- All in-scope logs should be retained for at least one year.

- In-scope systems include at least all systems that directly process credit card data (such as PAN and other private cardholder information), including underlying operating systems as well as data processing applications, systems that store such data, network infrastructure for networks where such data is transmitted, and systems that protect any of the above (such as firewalls, network IDS and Internet Protocol Security [IPS]).This also includes systems not specifically segregated from these processing servers and applications.

[Tony Bradley, PCI Compliance]

Bookmark/Search this post with:
  • Delicious
  • Digg
  • StumbleUpon
  • Reddit
  • Google
  • Yahoo
  • Technorati

User login

Who's online

There are currently 0 users and 1 guest online.

Who's new

  • Hathcoonnorry
  • prongerieni
  • gaterfoko
  • Neptenveply
  • dkrzakaz