PCI Requirement 10: Tracking and Monitoring All Access to Network Resources and Cardholder Data
This session in our PCI Readiness series spotlights PCI Requirement 10, which examines the tracking and monitoring of all access to network resources and cardholder data. Our panelist for this session, Jeff Wilder, explains each part of PCI Requirement 10 in detail, along with some of the common struggles that come along with this requirement.
Complying with PCI Requirement 10 is critical to your organization’s security. The PCI DSS states, “Logging mechanisms and the ability to track user activities are critical in preventing, detecting, or minimizing the impact of a data compromise. The presence of logs in all environments allows thorough tracking, alerting, and analysis when something does go wrong. Determining the cause of a compromise is very difficult, if not impossible, without system activity logs.”
In this webinar, you will learn about topics related to PCI Requirement 10, such as:
- Why is this a comprehensive requirement?
- What does this requirement apply to?
- What are the common struggles of Requirement 10?
- Requirement 10 focuses on the ability to identify which elements of a breach?
- Attackers are usually in your environment for weeks, if not months, and the data is long gone before you realize it.
- The Verizon Breach Report noted that only 3% of breaches are identified by internal staff, all others were based on a third party contacting the organization.
- All in scope devices must have logging enabled.
- What will cause an event to be logged?
- What must each log contain?
- Synchronize the time on each system so that chronological events can be properly ordered.
- Logs must be protected from unauthorized modification.
- Logs must be reviewed at least daily.
- Logs must be retained for a total of 1 year, at least 3 months must be immediately available.
- Policies and procedures must be documented, in use, and communicated to all affected users.