Logging – Which controls of PCI DSS SAQ D requirements do they address?

  • Team Omega
  • April 23, 2012

Requirements 10.2, 10.3, also 10.5 upto 10.5.7 deal with logging of events and retention of those events for 365 days. Logging is necessary,

  • For retention of audit trail history for at least one year, with a minimum of three months immediately available of analysis
  • For reviewing of all system functions
  • To go back for verifications
  • For thorough parsing in case of a breach
  • For invalid login attempts
  • For user identification
  • For identification of affected data for each audit trail entry
  • Type of event, date and time

Omega ATC’s customers who are using our security services are finding this to be a critical aspect of data security and for providing proof to their auditors who certify a retailer’s compliance status. Contact pci@www.omegasecure.com.