10.1 Establish a process for linking all access to system components to each individual user (audit trails).

EFT Server's Auditing and Reporting Module (ARM) allows you to generate preconfigured reports of EFT Server activity.

10.2  Implement automated audit trails for all system components to reconstruct the following events:

ARM can generate preconfigured reports of all EFT Server activity. EFT Server determines whether the audit database is connected and properly configured.

10.3 Record at least the following audit trial entries for all system components for each event:

ARM scans each PCI DSS requirement addressed in the Server, and reports on the PCI DSS-compliance status of each (Pass, Fail, or Warning). The report  also provides a description of the requirement tested for each item. For failed requirements, the report presents a reason the non-compliant setting was used, if you provided one at the time that particular setting was disabled/changed.

10.4 Synchronize critical system clocks and times

External to EFT Server

10.5 Secure audit trails so that they cannot be altered.

EFT Server’s ARM reports are only available to users who can access EFT Server computer. External processes can be used to encrypt and/or record the hash values of logs for non-repudiation purposes. Access to EFT Server’s ARM reports can be optionally granted to sub-administrators.

10.6 Review logs daily

You can configure EFT Server to generate a daily PCI DSS compliance report on all related EFT Server settings and send it via e-mail to the appropriate recipient(s).

10.7 Retain audit history for at least one year, with a minimum of three months available for analysis.

External to EFT Server