PCI DSS File Integrity Monitoring Explained

Although FIM or File-Integrity Monitoring is only mentioned specifically in two sub-requirements of the PCI DSS (10.5.5 and 11.5), it is actually one of the more important measures in securing business systems from card data theft. File Integrity monitoring systems are designed to protect card data from theft. The primary purpose of FIM is to detect changes to files and their associated attributes. However, this paper provides the background to three different dimensions to file integrity monitoring, namely; secure hash-based FIM, used predominantly for system file integrity monitoring, file contents integrity monitoring, useful for configuration files from firewalls, routers and web servers and file and/or folder access monitoring, vital for protecting sensitive data

Provided by: New Net Technologies Topic: Security Date Added: Mar 2011 Format: PDF

Find By Topic