File Integrity Monitoring & PCI Compliance
Changes can usually be good- except when they happen on critical servers. This can often signal a breach. That’s why it’s essential for companies to use File Integrity Monitoring (FIM) for their critical servers so that they’re alerted as soon as changes happen.
According to Infosec Institute, compliances like PCI have made it as a requirement to regularly monitor the important files that would encounter critical data loss and serious damage if they were to undergo unexpected changes.
What Should Be Monitored?
There are various attributes of files that should be monitored, like privileges, security settings, content, hash values, configuration values, etc.
Generally, the act of performing file integrity monitoring is automated using internal controls such as an application or process. Such monitoring can be performed randomly, at a defined polling interval, or in real-time.
A FIM product must be capable of detecting that an unauthorized change has occurred, what exactly has been changed, and who has changed it. Following are the values monitored for unexpected changes:
- Privileges and Security Settings
- Core attributes and size
- Hash values
- Configuration values
In conclusion, FIM is a must-have monitoring solution that every organization should utilize. Contact us today to ensure you’re PCI compliant!