To protect businesses, cardholders and the integrity of the payment
system, Visa has established audit requirements governing the
safekeeping of account information as part of the Payment Card Industry
(PCI) Data Security Standard. This standard requires network monitoring
and testing procedures for verification, automation, recording,
synchronizing, integrity, daily review, and retention for all audit
logs. Log data and their associated audit trails must be collected,
stored, monitored and assessed on a routine basis – ensuring data
integrity and verifiability at all times. Considering that most retail
businesses generate gigabytes of event log data each day, leveraging a
log management solution that optimizes the storage and analysis of event
log data is paramount. Additionally, being able to readily identify
internal violations and sophisticated threats, as well as conduct
thorough investigations is necessary to reduce the risks to sensitive
data leakage, and support the PCI audit standards.
Compliance with Visa PCI requires not only deploying several mandated
security countermeasures, but also frequent review of safeguards and
policies to ensure their continued effectiveness. The Visa PCI standard
mandates that merchants, banks and service providers implement network
monitoring and testing procedures for verification, automation,
recording, synchronizing, integrity, daily review, and retention for all
audit logs. Log data and the associated audit trails must be collected,
retained and reviewed on a routine basis – ensuring data integrity and
verifiability.
_______________________________________________
Dev mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/dev
Locked
