PCI Requirement 12.10.4 – Provide Appropriate Training to Staff with Security Breach Responsibilities
PCI Requirement 12.10.4 requires that your organization provides appropriate training to staff with security breach response responsibilities.
New Search
If you are not happy with the results below please do another search
6 search results for: 10.4
PCI Requirement 10.4.3 – Time Settings Are Received from Industry-Accepted Time Sources
To ensure that critical system clocks and time are consistent and correct, PCI Requirement 10.4.3 requires that time settings are received from industry-accepted time sources. This could be from something like the U.S. Navy, NASA, Google, or other organizations who use GPS for time synchronizations.
PCI Requirement 10.4.2 – Time Data is Protected
PCI Requirement 10.4.2 requires that through time-synchronization technology, time data is protected. Organizations must implement controls to protect time data from unauthorized access or modification. Why? Malicious attackers may seek to modify time data to hide what actions they’ve taken over a period of time.
PCI Requirement 10.4.1 – Critical Systems Have the Correct and Consistent Time
PCI Requirement 10.4.1 requires that critical systems have the correct and consistent time so that chronological events can be recreated. Without proper and consistent synchronization, it’s almost impossible to compare logs to systems and determine an exact sequence of events. Compliance with PCI Requirement 10.4.1 is crucial during incident response.
PCI Requirement 10.4 – Using Time-Synchronization Technology, Synchronize All Critical System Clocks and Times
Remember how PCI Requirement 10.3 requires that date and time of events are captured in log entries? PCI Requirement 10.4 dives into time management and what is required of that date and time. It requires that organizations should use time-synchronization technology to synchronize all critical system clocks and times and ensure that the following is implemented for acquiring, distributing, and storing time:
WEST COAST REGIONAL ADDRESS
1 Sansome St.
35th Floor
San Francisco, CA 94104
CORPORATE & MIDWEST REGIONAL ADDRESS
4235 Hillsboro Pike
Suite 300
Nashville, TN 37215
NORTHEAST REGIONAL ADDRESS
200 Park Avenue
Suite 1700
New York, NY 10166
SOUTHEAST REGIONAL ADDRESS
1228 East 7th Ave.
Suite 200
Tampa, FL 33605
11755 Wilshire Blvd.
Suite 1250
Los Angeles, CA 90025
Suite 1250
Los Angeles, CA 90025
3838 Oak Lawn Avenue
Suite 100
Dallas, TX 75219
Suite 100
Dallas, TX 75219
235 Peachtree ST NE
Suite 400
Atlanta, GA 30303
Suite 400
Atlanta, GA 30303
10411 Motor City Drive
Suite 750
Bethesda, MD 20817
Suite 750
Bethesda, MD 20817
6040 California Avenue SW
Suite C
Seattle, WA 98136
Suite C
Seattle, WA 98136
200 West Madison
Suite 2100
Chicago, IL 60606
Suite 2100
Chicago, IL 60606
All Rights Reserved
© 2021 KirkpatrickPrice
Popular Blog Posts
- Compliance Terms Glossary
- Purpose of Policies & Procedures
- SOC 1 vs. SOC 2
- Finding a QSA for PCI Audits
- Guide to 7 Types of Penetration Tests
- CCPA vs. GDPR