PCI Requirement 10.8 – Additional Requirement for Service Providers Only: Implement a Process for the Timely Detection and Reporting of Failures of Critical Control Systems

by Randy Bartels / December 19, 2022

 Monitoring Failures Without formal processes in place to detect and alert when critical security controls have failed, failures could go undetected for extended periods of time and provide malicious individuals with opportunities to compromise your systems and obtain sensitive data from the cardholder data environment. This is why PCI Requirement 10.8 requires that service providers implement a process for the timely detection and reporting of failures of critical security…

What is PCI Requirement 10.7 and What is an Audit Trail History?

by Randy Bartels / April 12, 2023

 PCI Compliance and Audit Trail History Now that you’ve implemented logging, what do you to them? PCI Requirement 10.7 asks that you retain audit trail history for at least one year, with a minimum of three months immediately available for analysis. A year is the recommended length of time because it may take a few months to notice a compromise. A year’s worth of audit trail history can be…

PCI Requirement 10.6.3 – Follow Up Exceptions and Anomalies Identified During the Review Process

by Randy Bartels / December 20, 2022

 Follow Up Once an organization has completed log review, they must follow up exceptions and anomalies identified during the review process. The purpose of PCI Requirement 10.6.3 is a little obvious, right? If exceptions and anomalies are not investigated, then what’s the point of the log review process? The follow up process helps make organizations aware of unauthorized activities occurring in their network. During an assessment, policies and procedures…

PCI Requirement 10.6.2 – Review Logs of All Other System Components Periodically Based on the Organization’s Policies and Risk Management Strategy

by Randy Bartels / December 20, 2022

 How to Prioritize Log Review PCI Requirement 10.6.1 requires daily review of logs of system components that store, process, or transmit cardholder data, logs of all critical system components, and logs of all servers and system components that perform security functions. But what about all other system components? PCI Requirement 10.6.2 addresses this and requires that organizations review logs of all other system components periodically based on the organization’s…

PCI Requirement 10.6.1 – Review the Following Daily: All Security Events, Logs of All System Components, Logs of All Critical System Components, and Logs of All Servers and System Components that Perform Security Functions

by Randy Bartels / December 20, 2022

 Daily Review By reviewing logs daily, organizations can maximize their security efforts and minimize the exposure to potential breaches. PCI Requirement 10.6.1 requires that organizations review the following at least daily: All security events Logs of all system components that store, process, or transmit cardholder data Logs of all critical system components Logs of all servers and system components that perform security functions From many breaches that have recently…