Regularly Monitor and Test Networks

Requirement 10: Track and monitor all access to network resources and cardholder data #

To have regular audits of the cardholders’ data and the information security mechanism is an integral part of the organization’s compliance tasks. Implementing automatic audit trails, keeping the record of all the relevant information, protecting audit trails are some of the test requirements highlighted in this section.

• 10.1 Audit trails can be used to link all access to system components.
• 10.2 Automated audit trails should be encouraged for implementation.
• 10.3 Audit trail entries like- user name, event type, date and time must be recorded for all system components.
• 10.4 Every critical system must be synchronized. Make sure that one time synchronization is used to acquire, distribute, and store time.
• 10.5 Audit trails should alwys be secured so that it cannot be altered by anyone.
• 10.6 In order to identify suspicious activities, logs and various security events have to be reviewed.
• 10.7 Audit trail history has to be retained for atleast a year.
• 10.8 A process must be made and implemented for detecting and reporting about the failures of critical security and control systems.
• 10.9 Security policies and operational procedures for monitoring all access to network resources and cardholder data are well documented and known to all affected parties.

Requirement 11: Regularly test security systems and processes. #

Complementing the points highlighted in requirement 10, requirement 11 discusses the detailed physical security process for data and information protection.

• 11.1 Run processes for identification of authorized and unauthorized acess points.
• 11.2 Vulnerability scans needs to be done for both internal and external networks regularly to avoid vulnerabilities.
• 11.3 Penetration testing should be done methodologically.
• 11.4 Prevention and detection techniques can be used to prevent and detect intrutions.
• 11.5 A change-detection mechanism can be created.It can send alert to people to alert personnel if in case any unauthorized modification takes place.
• 11.6 Security policies and operational procedures for security monitoring and testing are well documented and known to all affected parties.