Our website uses cookies. To find out more information on the cookies we use, please head to our privacy policy.OK

The Nuisance of Compliance

So it’s that time of year again, the auditors are back in. They have spent the last 11 and a half months locked in a cupboard reading the latest versions of all your compliance standards and are ready to go through your estate with a fine tooth comb.

 

This time it’s PCI… so they come around quoting section numbers and how everything must conform to a uniform standard, one they like to see a documented copy of. So you open up Osirium and show them that you have strong authentication to all your devices. You show them the profiles that define who can gain access to what and that their level of privilege is defined, not just admin accounts everywhere. They ask about network settings, they want to see NTP server setting s set, remote syslog servers set and that auditing all actions of admins is turned on. So you fire up the PCI status report and show that all your devices are in check. Finally, they want to know if everything is patched with the latest security fixes, so you oblige and bring up the inventory report. Finally he asks if the milk in the fridge is in date…. well, we can’t check everything!!!

Related Articles

term->name is Audit & Compliance

Cyber Essentials: the basics, and exactly why it is essential to you and your business

Cyber Essentials is a government-backed, industry supported scheme designed to provide businesses with a set of measures…… Read Post

Osirium at PCI London June 2016

Osirium are attending the 13th PCI Conference demonstrating our solution in the exhibit area and presenting at a seminar session… Read Post

How to present Cyber Security issues to the Board | Osirium

Everyone has a unique view of what a board meeting is like and what the board actually care about. Here, Andy Harris explores how to communicate… Read Post