File integrity monitoring is critical for security and compliance, and is required by such regulations as NIST 800-53 and PCI to prove compliance. To minimize the risk to sensitive data, while meeting the needs for compliance with requirements such as PCI DSS Section 11.5, detection of unmanaged changes in file servers and storage appliances is necessary. 20 Critical Security Controls for Effective Cyber Defense, often called Consensus Audit Guidelines (CAG), include a requirement to utilize file integrity checking tools to ensure that critical system files have not been altered.
PCI DSS 11.5 mandates: “Deploy file integrity monitoring to alert personnel to unauthorized modifications of critical system or content files, and perform file comparisons at least weekly or more frequently if the process can be automated.”
As a mandated dimension of the PCI DSS, file integrity monitoring ensures that program and operating system files have not been compromised. Using file integrity monitoring technology is important to verify that malicious code has not been inserted into sensitive system, configuration and/or content files. Knowledge of exactly who modified the file, what the change was, when and where the change was made in order to prevent possible security and business impact is critical.
Netwrix Auditor provides cost-effective, comprehensive and robust solution that addresses the need of file integrity auditing. The product supplies important information needed by security teams to detect attacks that could lead to a dangerous data breach, and provides detailed reports that help maintain compliance.
Netwrix Auditor ensures protection of critical data by providing the following file integrity details:
Be aware of all changes, protect sensitive data, significantly reduce audit preparation time and maintain compliance with the regulations requiring file integrity monitoring.
|Download Free Trial||Request Quote||Questions?|