PCI-DSS Regulatory Compliance with Lieberman Software

The Payment Card Industry Data Security Standard (PCI DSS) was developed by leading credit card industry agencies to define best practices for protecting its members against electronic fraud. Failure to comply with PCI DSS policies can result in the creditor’s loss of access to the crediting agency.

Today's Identity Access Management (IAM) technologies don't detect or secure the privileged identities that hold elevated permissions to access electronic payment records, install and run programs, and change configuration settings on servers, workstations, applications and network appliances.

Enterprise Random Password Manager (ERPM) helps organizations fill regulatory compliance gaps by securing privileged accounts, and by providing the auditing and control necessary to specifically address the following key PCI DSS requirements:

Removal of custom application accounts, user IDs, and passwords before applications become active
Restriction of access rights to privileged user IDs to least privileges
Coverage of all system components
Immediately revoke access for all terminated users
Remove/disable inactive user accounts at least every 90 days
Enable accounts used by vendors for remote maintenance only during the time periods needed
Do not use group, shared, or generic accounts or passwords
Change user passwords at least every 90 days
Implement automated audit trails for all system components

hardens and auto-propagates secured privileged login credentials wherever they may reside and provides a reliable audit trail to document the requestors, systems and accounts, time frames, and purpose of each access request.

Download the datasheet and then contact an account manager to learn more.