Payment Card Industry Data Security Standard
There are twelve key components of the PCI 1.2 Data Security Standard. Many are very complex to handle without intelligent automation. Several specific elements relate to log management and accountability. According to VeriSign’s Global Consulting Services many organizations are failing PCI assessments. VeriSign conducts PCI assessments for large commercial organizations that must meet PCI standards, and they are reporting that Requirements 3, 8, 10, and 11 have all been major sources for failure.
The LogClarity® Enterprise Solution helps solve these challenges with automation of log management tasks while providing unprecedented accountability of user access to cardholder data stored inside databases. LogClarity® also provides in-depth log analysis and log correlation technology at its core.
This technology provides a unique view of data access which helps organizations gain in-depth details needed to root out. The LogClarity® incident management and response capabilities are able to determine unwarranted actions regardless of the location across the enterprise including databases.
Protection of Cardholder Data
Requirement 3 - Protect stored cardholder data
The LogClarity® Enterprise Solution monitors cardholder data stored inside databases, network file shares and file servers. Many violations of the PCI standard have come from cardholder data being too easily accessed across the network. LogClarity® monitors all cardholder data regardless if the data is stored in a spreadsheet or a database table. LogClarity® provides powerful incident management and response measures to alert key stakeholders of unwarranted actions as well as automated responses to reduce damage.
LogClarity® also provides automated correlation of user application and data access activities to provide the clearest view of data access possible. Simple to use forensics and data mining capabilities are available once stakeholders have determined the severity of the incident.
Implement Strong Access Control Measures
Requirement 8 Assign a unique ID to each person with computer access
The LogClarity Enterprise Solution monitors log data related to user account provisioning, privilege escalation, and other user account activities. LogClarity correlates account activity with other security events to provide depth and true clarity of real activity.
Due to the increasing number of insider attacks and reported attacks from unknown sources, LogClarity® provides unparalleled focus on built-in database roles, privileged groups, and accounts which are difficult to manage manually. Monitoring abuse of network accounts, privileged domain groups, and unchecked databases roles enables customers to maintain the highest level of accountability and security.
Regularly Monitor and Test Networks
Requirement 10 - Track and monitor all access to network resources and cardholder data.
In the PCI 1.2 data security standard released in October 2008 network resources have finally been clearly defined. The PCI Data Security Council dictates that the following resources are considered within the scope of where log data must be collected and maintained. Network devices (i.e. firewalls, routers and switches); Domain sources (i.e. UNIX servers, Windows servers, and Mainframe systems); and last but not least, Databases containing cardholder data.
Typical log management solutions aggregate logs from most if not all of these network resources except databases. However there are many database specific monitoring solutions that have filled the void. Unfortunately organizations must procure and maintain two solutions for logging to meet compliance.
The LogClarity® Enterprise Solution provides intelligent log management and database activity logging and monitoring in one single solid product. This unique value proposition ensures compliance for requirement 10 can be met with a single solution but also provides additional security value as well. A complete audit trail of realistic activity can finally be delivered without mismatched integration of the broad network-focused tools and narrow view of database monitoring solutions.
Requirement 11 - Regularly test security systems
and processes
Most commonly organizations fail compliance with requirement 11 because of lack of file integrity monitoring. Many times organizations store cardholder data in protected directories rather that inside databases. This requires file integrity monitoring. Another use case for file integrity monitoring is for system files which if changed without authorization could create vulnerabilities.
The LogClarity® Enterprise Solution monitors all data access, and also provides continuous monitoring of critical system files, cardholder data stored on file shards and database tables to ensure their integrity. LogClarityis truly able to analyze and correlate data access using file integrity monitoring to decipher unwarranted access to cardholder data no matter where it resides. LogClarity® provides a comprehensive approach to security and compliance with easy-to-use forensics and reporting.
Maintain an Information Security Policy
Requirement 12 - Maintain a policy that addresses information security
The LogClarity® Enterprise Solution provides unmatched accountability of all activity including changes to Active Directory group policies which are the technical implementation of a written security policy. Group policies can be easily edited by anyone with the appropriate privileged or anyone who gains such access. These subtle changes are very difficult to notice but can have horrific implications.
LogClarity® provides Group Policy monitoring and alerting to help customers enforce their information security policy. By detecting unauthorized policy changes LogClarity® can reduce the risk of data theft and ensure accountability of all activity is not altered from what was intended by security policy makers. LogClarity® definitely helps organizations meet and maintain Requirement 12 of the PCI Standard.
The LogClarity® Enterprise Solution provides true accountability of all activity which cannot be matched by any other single source solution on the market.
Try LogClarity® 4.5 Today!
