Using LepideAuditor for PCI Compliance

All server components, including Active Directory, Group Policy Objects, Exchange, SQL Server, SharePoint and File Server, should meet the requirements of different sections of PCI compliance. Organisations must make sure they have records available to prove that they are compliant. These records can only be generated through in-depth auditing of these servers and putting together detailed reports. Native auditing has numerous drawbacks when it comes to this. In many cases, it is either too time consuming or too complex a process to be viable. LepideAuditor simplifies IT auditing tasks and provides a single platform with which to audit multiple instances of different servers. It also contains many pre-defined reports within a PCI compliance section that have been specifically tailored to help you meet these requirements.

Over 5,000 Organizations Use LepideAuditor to Meet Regulatory Compliance Mandates

How We Help in Meeting PCI Compliance Mandate

Audit Access to Payments Data

Any access to payment data needs to be recorded in order to ensure that no unauthorized activities are taking place and that the sensitive data is safely stored. LepideAuditor contains in-depth auditing reports that enable you to monitor and report on every access made to files, folders and mailboxes. You can get real-time alerts on any access made to critical data or mailboxes delivered as emails to selected recipients or as push notifications to the LepideAuditor App.

Audit Users of Payments Data

Any Active Directory user that has the ability to create, delete or modify payment data must have their actions closely monitored and audited. Any changes in their permissions should be made clear to the administrators and other concerned persons in order to ensure a policy of least privilege is upheld. LepideAuditor displays real-time reports on the activities of Active Directory users. Each change is audited in real-time and an alert is sent to the intended recipients via email or push notifications on the LepideAuditor App.

Audit Computers Storing Payments Data

Computers that store payment data are required to be audited as per PCI standards. This is to ensure that accesses and changes taking place on that particular computer are authorized and the payment data is secure. LepideAuditor provides dedicated reports to keep track of changes made to computer objects. Real-time information helps administrators maintain awareness on critical issues that may arise due to any unwanted change.

Keep a Check on User Groups

Access permissions are often assigned to users through groups. This means that any changes in group memberships may result in excessive permissions being awarded to junior members of staff. When this occurs in relation to payment data, PCI compliance comes into play. LepideAuditor helps you keeps track of all changes made to Active Directory and Exchange Server groups. It notifies administrators in real-time about any critical change taking place in these servers.

Audit Permissions

In accordance with PCI compliance regulations, it is advisable to maintain a policy of least privilege to ensure that users have only the levels of privilege that they require in order to fulfill their job requirements. LepideAuditor keeps track of all changes in the permissions of Active Directory objects and offers dedicated reports on them. You can set real-time alerts that will be delivered by email or push notification to the LepideAuditor App.

Want to see the award-winning LepideAuditor in action? Schedule a Demo

Read all reviews

Read all stories

More from Lepide

Blog
Insider Threats Don’t Apply to Me…Do They?

Despite being responsible for around 30% of all cybercrime, insider threats don’t seem to get the same attention when it comes to security budgets as preventing external attacks.

Learn More ->
Whitepaper
Popular Cyber Attack Methods and How to Mitigate Them

This White Paper will go through some of the most popular cyber-attack methods attackers are using and the steps you can take to mitigate the risks of you falling victim to them.

Learn More ->
News
LepideAuditor 18.7 – Analyze Your Excessive Permissions

The latest version of the award-winning LepideAuditor now enables you to analyze users and objects with excessive permissions to help you avoid privilege abuse.

Learn More ->

Lepide® is a registered trademark of Lepide Software Private Limited. © Copyright 2018 Lepide Software Private Limited. All trademarks acknowledged.