This whitepaper highlights some of the key areas in which LogRhythm, the leader in Log and Security Event Management Solutions, can help companies adequately meet the PCI Data Security Standards. The whitepaper also details the compliance requirements along with ways in which LogRhythm meets and exceeds those regulations.
LogRhythm and PCI Compliance
PCI Compliance is a critical issue today for businesses that process credit card information. Companies that do not have the proper procedures in place for protecting credit card data can be subject to significant fines and penalties. The PCI regulation has specific requirements around log data centralization, archiving, monitoring and reporting for security and audit. Unfortunately, organizations face a huge challenge meeting these requirements easily, efficiently, and affordably.
With logs accounting for up to 25% of an enterprise's total data, organizations are under the gun to effectively manage and review the millions of logs generated on their networks every day. One of the time-saving capabilities of LogRhythm is an automated "one- "LogRhythm's turnkey log button" reporting feature that automates daily and weekly reports to easily management solution is easy demonstrate compliance to auditors. to install and very intuitive to LogRhythm's turnkey solutions provide companies of all sizes easier and use. Its comprehensive more affordable ways to automate log management and stay on top of functionality easily satisfied compliance requirements - whether it's PCI, Sarbanes-Oxley, HIPAA or FISMA. the PCI audit requirements for log retention, review, and analysis. The combination of Payment Card Industry (PCI) Data Security Standard LogRhythm's robust feature set and its easy-to-use The Payment Card Industry (PCI) Data Security Standard was created by the leading credit card companies to ensure customer data is safeguarded. Visa, interface continue to make it a MasterCard and American Express require service providers and merchants real winner for Wild Oats." that store, process, or transmit cardholder data to comply with the PCI Data Security Standard. The PCI Data Security Standard provides a single, Kevin Holestine, uniform approach for securing and safeguarding sensitive customer data. IT Security & Compliance Wild Oats Market Non-compliance can result in significant penalties and can include revocation of the company's right to accept or process credit card transactions.
Fortunately LogRhythm can help. LogRhythm directly meets many PCI requirements and reduces the cost of complying with others. LogRhythm automates log data collection and centralization from servers, applications, and network devices containing or protecting customer data. A copy of every log collected is stored in compressed archive files providing for efficient long term storage. Important audit events are automatically identified in real-time with the appropriate individuals alerted. You can easily search for and retrieve logs that meet your criteria at any time for analysis and forensic investigation. Compliance report packages are just a button click away.
Copyright 2008 LogRhythm, Inc. Page 1 of 5
LogRhythm Report Center for PCI LogRhythm includes an extremely powerful and flexible reporting system. LogRhythm includes the most common reports out of the box. However, users can create their own reports using our built-in templates combined with our powerful filtering capabilities. Reports can be grouped and run together in 'packages'. The following screenshot shows LogRhythm's canned daily PCI Report Package.
LogRhythm also includes industry-leading, real-time monitoring capabilities.
LogRhythm's Personal Dashboard provides a fully customized view of events in real-time. Using the Personal Dashboard, users can quickly and efficiently monitor for suspicious activity impacting servers, applications, and devices housing cardholder data.
"To meet PCI requirements and other data security mandates, organizations must have adequate controls for log management, including collection, review, retention and destruction. Automated and centralized solutions like LogRhythm are essential for companies to meet key parts of the PCI regulation. Coalfire has validated LogRhythm's technology as meeting requirements under PCI and industry standards and best practices for this key control area." Alan Ferguson Vice President and Co-Founder Coalfire Systems, Inc.
Copyright 2008 LogRhythm, Inc. Page 2 of 5 LogRhythm Compliance Support for PCI
Install and maintain a firewall configuration to protect data
1 LogRhythm collects logs from firewall ... [download for more]
