IT Security and Compliance White Papers

Read the latest white papers from industry experts New Net Technologies. We provide comprehensive information on IT security and compliance.

The PCI DSS security standard calls for a broad range of security measures, but beyond the use of firewalling, intrusion protection systems and anti-virus software, the requirements and responsibilities of the merchant are very often poorly understood.

Although FIM or File-Integrity Monitoring is only mentioned specifically in two sub-requirements of the PCI DSS (10.5.5 and 11.5), it is actually one of the more important measures in securing business systems from card data theft.

Vulnerability management is a key security best-practice that serves to prevent the complete spectrum of cyber-attacks. But how do you strike the right balance between maintaining the security of an IT environment that never stands still, and maximizing system performance, uptime and service delivery?

A formalized Change Management process is vital in order to maximize the effectiveness of any change while minimizing potential problems resulting from a configuration change being made. Security and corporate governance policies such as the PCI DSS, SOX, NERC CIP, HIPAA, ISO27K and GCSx CoCo all demand a robust change management process for this reason.

Our medical, health and personal information should remain private. While the principle of Doctor-Patient confidentiality has always been regarded as sacrosanct, the electronic age has inevitably led to greater ease of access to all information, including confidential patient details a.k.a. electronic protected health information.

All security standards and Corporate Governance Compliance Policies such as PCI DSS, GCSx CoCo, SOX (Sarbanes Oxley), GLBA, NERC CIP, HIPAA, HITECH, ISO27000 and FISMA require IT systems to be secure in order that they protect confidential data.

The Health Information Technology for Economic & Clinical Health (HITECH) Act really does ‘up the ante’ for HIPAA enforcement.

This whitepaper is a Guide for IT professionals – an ‘Everything you wanted to know about Compliance’. Anyone with experience of being audited in the past will learn how to remain compliant with their required standards, making the next round of Audits much more straightforward.

Any organization storing, processing or transmitting Primary Account Numbers (PAN) must comply with the Payment Card Industry Data Security Standard or PCI DSS.

Understanding the background, the objectives and the detailed requirements of the standard is still proving to be a challenge for thousands of organizations around the world. This whitepaper aims to give a basic backgrounder in traditional ‘101’ style.

The visibility of configuration changes provided by traditional ‘Tripwire®-style’ file integrity monitoring may provide a great solution for breach detection and security governance, but in the past, this has come at a price. Changes need to be reviewed and approved, and doing this properly has always been a labour-intensive task.

PCI DSS Version 3.2.1 - This solution brief addresses the requirements of the PCI DSS Version 3.2.1 where NNT Change Tracker (File Integrity Monitoring), NNT Log Tracker (SIEM Log Analyzer), and NNT Vulnerability Tracker can provide a solution. Using NNT solutions alone will satisfy 45% of total PCI compliance requirements, with typical implementation times of just a few hours.

Copyright 2024, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.