Hi all, I have a quick question on pci compliance and how you guys\gals are handling it for servers you have that take credit card data? We have a small amount of servers that basically host the web code to take cc info and its then passed on directly to the processor. Nothing stays on the server at any time, but we would like to be able to pass a pci audit on these servers which requires that we have "automated" software that monitors and detects changes in the log files, and software that monitors key files (windows directories, and our app directories) for any changes and sends out an alert. We're looking at Tripwire product, but they seem pretty expensive for the small amount of servers we're talking about. Any thoughts?
Thanks in advance. -Greg ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
