Cygna Labs
Book a Demo
shield

Strengthen your organization’s cybersecurity posture with software solutions from Cygna Labs

Meet PCI Compliance Requirements

PCI DSS standards ensure the security of credit card transactions by requiring organizations to implement a combination of relevant policies, procedures, and technical measures to protect cardholder data.

Implementing Information Security for US Federal Agencies

Industry defined requirements

The Payment Card Industry Data Security Standard (PCI DSS) is a set of minimum requirements established by the PCI Security Standard Council that any business that processes payment cards (e.g. credit or debit cards) must meet in order to secure the data to protect the cardholder.

Security standards to protect cardholder data

The aim of the standard is to enforce a set of carefully checked security guidelines. These policies are designed to prevent the compromise of customers' financial data held by merchants or service providers and obtained as part of payment card transactions.

Addressed PCI Compliance Requirements

Cygna Auditor addresses Requirements 7 (Restrict access to cardholder data by business need to know) and 10 (Track and monitor all access to network resources and cardholder data) of the PCI DSS standard.

7.1

Limit access to system components and cardholder data to only those individuals whose job requires such access

10.2.1

Implement automated assessment trails for all individual user accesses to cardholder data

10.2.2

Implement automated assessment trails for all actions taken by any individual with root or administrative privileges

10.2.3

Implement automated assessment trails for access to all audit trails

10.2.4

Implement automated assessment trails for invalid Logical Access attempts

10.2.5

Implement automated assessment trails for use of and changes to identification and authentication mechanisms and all changes, additions, or deletions to accounts with root or administrative privileges

10.2.6

Implement automated assessment trails for initialization of Assessment Logs

10.2.7

Implement automated assessment trails for Creation and Deletion of System Level Objects

10.3

Record at least User Identification, Type of Event, Date and Time, Success or Failure Indication, Origination of Event, and Identity or name of effected data, system component, or resource

10.6

Review logs and security events for all system components to identify anomalies or suspicious activity

Monitor Activity on Secured Systems

Cygna Auditor monitors all successful and failed data activity such as file or folder creation, access, updates, deletions, who made the changes and when they were made.

Monitor Activity on Secured Systems

Real-Time Notification of Sensitive Changes

Cygna Auditor's built-in and custom alerting notifies you of critical changes such as membership changes to privileged groups.

Real-Time Notification of Sensitive Changes

Privileged Account Management

Cygna Auditor allows you to monitor all changes made by privileged accounts to ensure they adhere to regulatory and organizational policies for the protection and privacy of data as well as that they do not abuse their unrestricted access.

Privileged Account Management
icon

Meet PCI Compliance Requirements