Reducing the Impact of PCI DSS Section 2.2
Compliance with PCI DSS Section 2.2 requires you to "Develop configuration standards for all system components. Assure that these standards address all known security vulnerabilities and are consistent with industry-accepted system hardening standards."
The challenges? Good configuration management, utilizing industry best practices, is the most effective way for you to ensure that your systems are well protected from attacks that could expose card data.
The challenges you face, however, are many:
- How do you ensure that all systems have their configuration assessed regularly?
- What standards should you apply to Windows, UNIX, Linux, or iSeries hosts?
- How will you keep up-to-date with all the vulnerabilities that apply?
- What reports are necessary and how will you managed them?
- How can you manage business configuration exceptions to the standard in a secure way?
PCI DSS Section 2.2 Compliance with NetIQ
NetIQ® Secure Configuration Manager™ enables you to deliver automated, streamlined assessment of system configuration to ensure best practices are enforced.
Your systems will be more secure and better equipped to meet the PCI DSS Section 2.2 requirements:
- Simplified assessment of configuration
- Automated reporting against PCI DSS requirements
- Seamless inclusion of new standards from best practices bodies like the Center for Internet Standards (CIS)
- Inclusion of the latest vulnerabilities from the National Vulnerability Database
- Automation of management and approval for business exceptions
- On-line and off-line agent and agentless assessment reporting
- Multi-platform coverage for Windows, UNIX, Linux and iSeries
NetIQ Secure Configuration Manager, when combined with NetIQ's unique, process-automated technology, NetIQ® Aegis®, can provide fully automated assessment, reporting and management of system compliance to further reduce the workload of your compliance teams, while streamlining the complex task of protecting data and meeting the demands of PCI DSS.
