Back in 2006, the Payment Card Industry Data Security Standard (PCI DSS) version 1 introduced File Integrity Monitoring (FIM) as a standard security requirement. However, many merchants did not take this seriously while some even ignored it completely. Perhaps, this was because the tools were not sophisticated enough, or too many logs and alerts were created with nothing specific or meaningful to them. It was made out to be an option among the purchase of applications or tools necessary for data security. FIM was in a state of dormancy until PCI DSS Version 2.0 went into effect, after which improvements to the software made it more purposeful in its use.
PCI DSS Version 3.0 now mandates that FIM be part of business-as-usual activities. In particular, every Level 1 and level 2 merchant needs FIM in their retail environments. PCI DSS requirements 10.5.5, 10.6 and 12.10.5 are dedicated to File Integrity Monitoring controls:
- Monitoring changes to critical files
- Daily review of logs and alert
- Notification of changes as soon as detected
- Remediation of problems
- Configuration of software to perform critical file comparisons at least weekly
“If not implemented properly and the output of the change-detection solution is not monitored, a malicious individual could alter configuration file contents, operating system programs, or application executables. Unauthorized changes, if undetected, could render existing security controls ineffective and/or result in cardholder data being stolen with no perceptible impact to normal processing.”
How can FIM become an effective security tool?
FIM can become an effective tool if implemented with unique capabilities. A Managed Security Services Provider (MSSP) with a good understanding of a retail environment’s infrastructure, PCI Compliance requirements and data security should be able to configure the software meaningfully. Knowledgeable MSSPs know what types of controls should be used for monitoring changes while patches are being installed, how much information needs to be captured, and how much risk may be introduced to changes. If the software is implemented without specific properties and exact scope, log files will tend to grow senselessly and alerts generated several times a day. Managing and parsing the logs could become a full-time job if there is no intelligence added to the software.
What makes the capabilities of Omega ATC’s FIM truly remarkable?
Point-of-Sale systems in retail environments run on very limited storage. Omega’s FIM software accommodates for this with a small file size. The software is capable of working on POS machines, back office machines, payment transmission devices and servers. It also works on embedded Windows machines. Omega’s FIM data are centralized in one data repository for all stores making it easy to generate alerts as and when they occur. FIM implementation by Omega is done in such a way that they do not interrupt transactions of a busy work day. While other technologies are not capable of doing this, experts at Omega do precise calibrations which are key to implementing FIM. Proper calibrations take care of nuisances like non-stop logs and alerts that are not real threats.
Other Remarkables in Omega’s FIM
- Omega FIM can be targeted at multiple disk folders or entire disk volumes
- Scopes can be adjusted for specific machines or machine groups to meet monitoring requirements for PA-DSS compliance
- Fully compatible with Windows operating system folders
- No specialized disk drivers used to intercept disk i/o operations that can lead to hardware incompatibilities
- No file locking or performance reductions. Special OS “hooks” used for business application compatibility and performance
- No operating system component replacement to eliminate future OS patching or OS version upgrade issues
Omega’s FIM makes the tool relevant
Even if the PCI Data Security Standards did not mandate FIM, it is an indispensable tool to use for the security of sensitive data in all retail environments. Changes that are detected by FIM from Omega ATC alert on the vital changes in real time. Security Strategists report them immediately to the customer and take necessary actions to remediate a problem. The software developed by Omega is affordable and will not cause a dent in your wallet. It is fully integrated with all other components from Omega making it a ‘single pane of glass’ solution for data security and compliance.
Call us today at 636-557-7777. Take a look at your company’s data security measures. If you see a void because of File Integrity Monitoring, get in touch with us. PCI compliance and security are entirely addressed by Omega. To request a FIM data sheet, email us at firstname.lastname@example.org.