Description
Change control in IT environments has been a focus for a decade or so, especially for application changes. In this webinar you will learn:
The components of a strong change management program, including specifics on configuration management, system hardening, and compliance review.
In addition, the types of logging and monitoring required by the PCI DSS will be discussed which will enable confidence in approaches and tools that will meet the intent of the requirement and establish security.
Why Should You Attend:Configuration changes are also important to document and test and standards like the PCI DSS have brought this topic to the forefront. It`s no longer acceptable to change a setting on a firewall or a server without documenting the reason, impact, testing and who did the work. Every change to a system, especially a cardholder data system must be documented.
Change control is the proactive approach to making changes and monitoring helps close the loop by making sure no changes are made without going through the change management process. Several types of monitoring are required by the PCI DSS to help organizations understand whether change management process are working effectively and to help with early detection of intruders in the system.
