SecureConnect Logo
Phone: 888-949-7328 | mySecureConnect Login
 

Content on this page requires a newer version of Adobe Flash Player.

Get Adobe Flash player
pci-compliance.jpg

File Integrity Monitoring Solution

Let our File Integrity Monitoring Solution be your eyes; alerting you of threats you didn’t know were there.

What is File Integrity Monitoring (FIM)?

With valuable cardholder data moving through your network, monitoring critical files on systems (i.e. POS terminals, back-office computers, controllers, etc.) that touch your payment card environment is essential.

File Integrity monitoring helps to identify changes to critical files and notify you when such changes occur. It is important that you are notified on unauthorized changes to key system files, configuration files and content files as this could indicate that you have been breached or are at risk of being compromised.

What types of files should be monitored?

Files that should be monitored are all critical operating systems and payment application files. Although these files change infrequently, if compromised could result in data loss or unauthorized access to cardholder data.

Features Include:

  • Evaluates critical files on a weekly basis and alerts customer of any unauthorized changes to system files.
  • Easy to install – can be done remotely.
  • Automatic updates – no additional management needed by the customer.
  • Low maintenance and easy to use.
  • Automated comparison for integrity and security.
  • FIM alerts are intended to find and eliminate data risk, minimizing the chances of a breach. These must be included in the incident-response process.
  • Detects all changes to files being monitored. This continuous FIM solution will record every change that occurs and retains it in the audit logs.
  • Files are hashed twice using:
    • SHA1 cryptography
    • CRC32 cryptography
  • Scan configurations can be customized on a per device basis.
    • Ability to create unique file sets to be monitored
    • Ability to schedule the scan interval
  • Alerts are automatically sent to you via e-mail and are visible in the mySecureConnect porta.l
    • As required by PCI DSS requirement 10.3 (10.3.1-10.3.6) the event details including the type of event, date and time, system affected and so on are recorded for easy reference.
  • Audit logs are retained for 1 year, with 90 days available immediately online through the mySecureConnect portal.
    • Logs are retained in a secure manner and cannot be altered
    • This helps meet PCI DSS requirements 10.3, 10.5, and 10.7

Learn more about File Integrity Monitoring for your business.
SecureConnect Provides Security Beyond PCI.
Request More Information Request a Free PCI Consultation Become a Customer
 
 
Learn More
Why SecureConnect
 Packages
 Managed Firewall
 PCI Compliance
 Archived Webinars
 SecureConnect Blog
 Case Studies
 FAQs

SecureConnect Scoop
About Us
 Approved Scanning Vendor
 Careers
 Press Releases
 Terms of Use
 Privacy Policy
 Site Map
 Next Steps
Send Informational Packet
 Get a Free PCI Scan
 Receive Communications from us
 Request a Free PCI Consultation
 Launch the PCI Wizard
 Email Us
 Sign Up
 mySecureConnect Login
 Call Direct: 888.949.7328

 Follow SecureConnect
Follow us with RSS feed Subscribe to our RSS feed
Follow us on Twitter Follow us on Twitter
Follow us on Facebook Become a Facebook fan
Follow us on Facebook See our events on Flickr
Visit our profile on Linkedin Join us on Linkedin
© 2010 BHI Advanced Internet, Inc. Provider of SecureConnect®. All Rights Reserved.