How to Satisfy PCI Auditors

If you are having trouble reading this email, read the online version.

Contact Us Direct   How to: Satisfy PCI Auditors     The PCI council issues specific compliance guidelines that must be supported by clear, concise documentation. Consider the following three initiatives critical in your quest to satisfy auditors.       Maintain secure systems and applications (req. 6.6): Install a Web application firewall (WAF) or undergo application reviews yearly and after every application change. Implementing a WAF will provide unprecedented visibility into application access and abuse. Implement strong access controls (req. 7): Deploy a user rights management solution to help summarize user rights and then match these rights to actual access. By comparing user privileges to actual activity, businesses can identify and eliminate excessive user rights and identify dormant users (req. 8.5.5). Monitor network and data access (req. 10.1): Implement automated monitoring solutions that track all access to cardholder data. Solutions such as database activity monitoring (DAM) and file activity monitoring (FAM) simplify reporting efforts with built-in PCI compliance reports. Imperva sales@imperva.com         White Paper: Data Security for PCI Compliance

Imperva
3400 Bridge Parkway, Suite 200
Redwood Shores, CA 94065
USA

©2015 Imperva, Inc.
All rights reserved. Imperva, the Imperva logo, SecureSphere, Incapsula and Skyfence are trademarks of Imperva, Inc. and its subsidiaries.
All other brand or product names are trademarks or registered trademarks of their respective holders.

Manage Your Subscriptions