Check out these interesting research results from VeriSign that name the 5 toughest requirements of PCI compliance. Researchers found that organizations were most likely to be non-compliance with these top 5 requirements: | Requirement 3 | Protect stored data | 79% | | Requirement 11 | Regularly test security systems and processes | 74%
| | Requirement 8 | Assign a unique ID to each person with computer access | 71% | | Requirement 10 | Track/monitor network resources and cardholder data | 71% | | Requirement 1 | Install and maintain a firewall configuration to protect data | 66% |
For the top 2 requirements, you need a top-notch security and encryption solution along with best practices for requirement 8. However, I find it interesting that 71% of the people in the VeriSign survey were non-compliant with requirement 10 – track/monitor network resources and cardholder data. Solidcore’s S3 Control product is a perfect fit for this compliance requirement as it can track changes (in real-time) and allows you to gain visibility across the infrastructure to identify hot spots, unauthorized activity and risky behavior. These capabilities allow IT professionals to drive accountability into their change processes and reduce mean-time-to-repair (MTTR) problems. Another way Solidcore stands above the competitors (i.e. Tripwire) is that it alerts and prevents unauthorized changes before they happen. This is a powerful differentiator because our technology: - Eliminates exposures to various risks between the times a violation is detected and communicated;
- Determines root cause;
- Proposes, assigns, and tests a fix, and
- Remediates the problem on the production system.
If you’d like to learn more about Solidcore’s PCI solution, drop me an email and I’ll send you our latest PCI white paper. by
Erin Swanson, Marketing
Eswanson@solidcore.com | 
