Secure > Overview: WebSphere Commerce and the PCI Data Security Standard > Address the PCI Data Security Standard within WebSphere Commerce


Requirement 11: Regularly test security systems and processes

While beyond the scope of WebSphere Commerce, it is important to regularly test security systems and processes. Refer directly to the PCI DSS for details on testing requirements.

Section 11.5 of the PCI-DSS makes recommendations regarding the deployment of a file integrity monitoring system. When configuring the files to monitor, add all files under the WC_INSTALL and WC_PROFILE. This ensures that you monitor critical configuration files such as wc-server.xml, log files, and custom key files.


Previous topic: Requirement 10: Track and monitor all access to network resources and cardholder data


Next topic: Requirement 12: Maintain a policy that addresses information security for employees and contractors


+

Search Tips   |   Advanced Search