PCI DSS File Integrity Monitoring Explained

Provided by: New Net Technologies
Topic: Security
Format: PDF
Although FIM or File-Integrity Monitoring is only mentioned specifically in two sub-requirements of the PCI DSS (10.5.5 and 11.5), it is actually one of the more important measures in securing business systems from card data theft. File Integrity monitoring systems are designed to protect card data from theft. The primary purpose of FIM is to detect changes to files and their associated attributes. However, this paper provides the background to three different dimensions to file integrity monitoring, namely; secure hash-based FIM, used predominantly for system file integrity monitoring, file contents integrity monitoring, useful for configuration files from firewalls, routers and web servers and file and/or folder access monitoring, vital for protecting sensitive data

Find By Topic