As “The Encryption Company,” we often blog about meeting PCI DSS with encryption and key management. Our NIST-certified technologies will help your organization satisfy Section 3 of PCI DSS, as well as other privacy regulations. But there is another section of PCI DSS that Townsend Security can help you with – Section 10.
Section 10 states the requirements for tracking and monitoring access to network resources and cardholder data. Some things that this section speaks on is procedural – daily reviewing logs for all system components and retaining an audit trail history for at least one year. Section 10 also specifies how your logging solution needs to perform. This includes automating audit trails for all system components and securing audit trails so that they cannot be altered.
This regulation is especially important for organizations using IBM i’s. The state of logging on most IBM i’s is not good. The IBM i doesn’t log information like your other systems and the security logs that it does produce are often an enclave inside the IT organization.
So what does this mean? Only the IBM i administrators can know what is happening on that machine – all the valuable logging information is sequestered on the IBM i. Network originated threats to the IBM i are often not noticed or responded to by the security team. This puts a lot of sensitive data at risk and your organization not meeting compliance regulations.
There is an answer. Townsend Security has been helping customers meet section 10 of PCI DSS with Alliance LogAgent.
- A complete solution that can capture and forward all IBM i security events
- Built by IBM i experts specifically for SIEM integration
- Robust filtering capability minimizes network impact
- Strong encryption between IBM i and SIEM console
- Seamless integration with ANY SIEM console
- Integrated User Monitoring and log forwarding
To learn more, we recently recorded a webinar titled “Understanding Log Management on the IBM i.” View this 30-minute webinar and learn how to meet compliance requirements with real-time security event logging across your Enterprise.