Malicious Insiders Are Majority of PCI-DSS Breaches. Here’s How to Make the Most of Compliance | Chatsworth Products
We use cookies to personalize content and to analyze our traffic. You consent to cookies if you continue to use this website. To find out more or to disable cookies view our Privacy Policy. X
 

Malicious Insiders Are Majority of PCI-DSS Breaches. Here’s How to Make the Most of Compliance.

(Security) Permanent link

Security AccessAlmost 60 percent of attacks within the financial services industry are carried out by insiders advertently or inadvertently, according to a 2017 report by IBM X-Force Threat Intelligence Index.

To address security weaknesses, the PCI Security Standards Council (PCI SSC) created the PCI DSS which protects cardholder data in the digital age. Vulnerabilities appear everywhere in the card-processing sphere, including point-of-sales devices, wireless hotspots, e-commerce, transmission of cardholder data to service provider, etc.

One of the requirements of PCI is to restrict physical access to cardholder data, such as:

  • Using appropriate facility entry controls to limit and monitor physical access to systems in the cardholder data environment
  • Developing procedures to easily distinguish between onsite personnel and visitors, such as assigning ID badges
  • Using a visitor log to maintain a physical audit trail of visitor information and activity, and retaining the log for at least three months

First Line of Defense

Cabinet-level security is the first line of defense for data centers’ data protection and security policies. Chatsworth Products’ (CPI) eConnect Electronic Access Control (EAC) provides a simple and effective solution for physical access control, power management and environmental monitoring.

eConnect EAC is a cost-effective networked locking solution works with CPI's eConnect Power Distribution Units (PDUs) using a single network connection and one interface to monitor all three elements, greatly simplifying rack management.

This integrated approach provides a single view and the ability to manage power at each outlet and cabinet, monitor status of environmental conditions and control each cabinet access attempt with an audit trail report that is easily exportable via a user-friendly web interface—a documentation requirement by PCI-DSS.

For more information on eConnect EAC and how it simplifies regulatory compliance, download the Regulatory Compliance Application Sheet.

Raissa Carey, Technical Writer


Posted by Raissa Carey, Technical Writer at 07/09/2018 08:30:17 AM


Leave a comment
Name (required)
Email (optional, not published)
Your URL (optional)
Comment


Note: Conversation is encouraged and expected. However, moderation of comments is necessary to prevent spam, personal attacks, profanity, or off-topic commentary. Comments related to specific product support or customer service issues will be addressed separately rather than posted here. Please email [email protected] for assistance with these matters.


12/5/2024 11:50:42 AM