Netwrix Shares The Six Best Practices To Assure PCI Compliance

Recent PCI-DSS (Payment Card Industry – Data Security Standard) compliance incidents have been costing companies millions of pounds in fines and losses and inflicting damage to valuable brand reputations.

This has spurred change and configuration auditing specialist Netwrix to urge organisations processing payment cards to follow six best practices to safeguard against security incidents.

Big checks

To support the need to follow its best practices, the company has pointed to the recent eBay breach that forced eBay to advise 145 million users to change their passwords to avoid financial information loss, while the breach at US retailer Target resulted in 40 million stolen credit card numbers and compromised the personal information of more than 70 million customers.

To help organisations avoid similar data breaches and their consequences, Netwrix has recommended six essential rules around change and configuration auditing:

  • Separate Environments – Minimise risks by reducing PCI scope within your systems and enforce separation of environments by continuously auditing access and changes to the systems where cardholder data is stored.
  • Audit Access Control – Ensure that permissions are adequate and access to sensitive data is limited only to people who need it. Change and configuration auditing can help by giving you precise information about the state of access rights and all changes to it, alerting you to critical issues and helping with investigation in the event of unauthorised access.
  • Audit Provisioning and De-Provisioning of Users – Organisations should establish control over user creations and removals. A comprehensive change and configuration auditing solution will provide daily and on-demand reports as well as real-time alerts on these critical modifications.
  • Audit of Privileged Users’ Activities – A particular emphasis should be placed on changes made by administrative accounts: changes to user access rights, elevation of privileges, mistakenly changed permissions and other security-related events. Daily and on-demand reports and real-time alerts provided by change auditing solutions will help organisations to stay secure.
  • Document Everything – You never know which part of your system’s activity, or which period, you will be required to demonstrate to the auditor, so keep it all. In addition to a complete audit trail, some of the more advanced change and configuration auditing solutions allow you to record video of user activities on critical systems, along with metadata, and provide search and replay capabilities. A regular review of audit trails may also assist in preventing breaches before they occur.
  • Monitor and Test – Change and configuration auditing solutions will provide a complete audit trail with detailed information on access and changes with ‘who, what, where, and when’ details, including before and after values for each event. This will simplify root-cause analysis and allow proactive prevention of malicious activities.
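The six rules above all rest on the same mechanism: compare the state of access rights before and after a change, record who made it, what it was, where and when, keep the before and after values, and alert on anything that touches a privileged role. The example below is added here to show that mechanism in the small; it is not Netwrix code and does not model its product. The snapshots, account names, role names and the actor are constructed sample data, and the `PRIVILEGED_ROLES` set is an assumption about which roles an organisation would treat as administrative.

```python
"""Change-audit example: diff two access-control snapshots and flag
privileged changes. Added illustration, not vendor code."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Set

# Assumed set of roles an organisation treats as administrative.
PRIVILEGED_ROLES = {"admin", "domain_admin", "dba"}


@dataclass(frozen=True)
class AuditEvent:
    """One 'who, what, where, when' record with before/after values."""
    who: str                      # actor that made the change
    what: str                     # user_created / user_removed / permission_changed
    where: str                    # account affected
    when: str                     # ISO-8601 timestamp of the snapshot
    before: Optional[frozenset]   # roles before the change (None if account was absent)
    after: Optional[frozenset]    # roles after the change (None if account was removed)
    privileged: bool              # True if a privileged role was added or removed


def diff_snapshots(before: Dict[str, Set[str]], after: Dict[str, Set[str]],
                   actor: str, when: str) -> List[AuditEvent]:
    """Produce one AuditEvent per account whose role set changed."""
    events: List[AuditEvent] = []
    for account in sorted(set(before) | set(after)):
        old = before.get(account)
        new = after.get(account)
        if old == new:
            continue                       # unchanged: nothing to record
        if old is None:
            what = "user_created"          # provisioning event
        elif new is None:
            what = "user_removed"          # de-provisioning event
        else:
            what = "permission_changed"    # access-right change
        # Roles present on exactly one side are the ones that changed.
        touched = (old or set()) ^ (new or set())
        events.append(AuditEvent(
            who=actor, what=what, where=account, when=when,
            before=None if old is None else frozenset(old),
            after=None if new is None else frozenset(new),
            privileged=bool(touched & PRIVILEGED_ROLES),
        ))
    return events


def privileged_alerts(events: List[AuditEvent]) -> List[AuditEvent]:
    """Real-time alert candidates: changes that touch a privileged role."""
    return [e for e in events if e.privileged]


def format_event(e: AuditEvent) -> str:
    """Render an event as an audit-trail line for daily reports."""
    before = "-" if e.before is None else ",".join(sorted(e.before))
    after = "-" if e.after is None else ",".join(sorted(e.after))
    flag = " [PRIVILEGED]" if e.privileged else ""
    return f"{e.when} {e.who} {e.what} {e.where} before={before} after={after}{flag}"


def run_sample() -> List[AuditEvent]:
    """Run the diff over two constructed snapshots (sample data only)."""
    snapshot_before = {
        "alice": {"reader"},
        "bob": {"reader", "admin"},
        "carol": {"reader"},
    }
    snapshot_after = {
        "alice": {"reader", "admin"},   # privilege elevation
        "bob": {"reader", "admin"},     # unchanged
        "dave": {"reader"},             # new account; carol removed
    }
    return diff_snapshots(snapshot_before, snapshot_after,
                          actor="svc-iam", when="2014-06-01T09:00:00Z")


if __name__ == "__main__":
    for event in run_sample():
        print(format_event(event))
```

Running the module prints three audit-trail lines: a privileged permission change for `alice`, a removal for `carol` and a creation for `dave`; only the `alice` event is returned by `privileged_alerts`, which is the one a real-time alert should fire on. A production system would take the snapshots from directory or database ACL exports and write the events to tamper-evident storage, but the comparison itself is no more than this.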

“Recent examples show that it is not enough to align your processes and policies with PCI-DSS guidance,” said Alex Vovk, president of Netwrix. “You must also establish mechanisms to verify these processes actually work and be able to prove that to all stakeholders: IT management, executives, and auditors. Essentially, change auditing is what makes your compliance efforts provable.”

Eric Doyle

Eric is a veteran British tech journalist with expertise in security, the channel, and Britain's startup culture
