
THE 12 REQUIREMENTS

REQ. 5: PREVENT MALWARE

Requirement 5 (Protect All Systems Against Malware and
Regularly Update AV Software or Programs) is all about
keeping anti-virus software running to prevent malware on
machines that deal with CHD, eliminating vulnerabilities.

Sub-requirements include:
- 5.1 AV Software on Commonly Affected Systems
- 5.2 Frequent Updating, Scanning, Logging
- 5.3 AV Not Disabled by Individual Users
- 5.4 Document/Enforce Policies and Procedures

5.1 AV Software on Commonly Affected Systems. All systems
that are regularly accessed or regularly connect to networks.
- Regardless of OS version or type (Windows, Mac, Linux, etc.).
Windows is more vulnerable, but others are also vulnerable to a point;
- No definition of “commonly accessed” - use common sense;
- A review of what is “commonly accessed” should be
done frequently;

5.2 Frequent Updating, Scanning, Logging. Periodic scanning
and retention of the resulting logs;
- Lack of AV scanning is only acceptable with a strong reason;
- Log retention may become a problem for bigger,
distributed orgs., but must be coordinated (AV log policy);

5.3 AV Not Disabled by Individual Users. People cannot just
turn off the AV because it slows down the machine or they
just “don’t like it”.
- Should be enforced through user policy controls;
- AV can be turned off for very short periods of time, but this
must be approved by management and have a good
reason;

5.4 Document/Enforce Policies and Procedures. As usual,
making sure that the policies, procedures and controls
mentioned in previous points are known by employees, and
put to use by them.

EXAMPLES

/01 “COMMONLY AFFECTED”


This is a case where PCI-DSS is relaxed and sets only the
minimum requirement. Air-gapped machines or
mainframes are not included, although they could be.

/02 STRONG REASONS


As mentioned, individual users can request to turn off
their AV temporarily, with a strong reason. For
example, running a CPU-intensive operation in isolation.

/03 “FREQUENT” IS KEY


Antivirus software must be frequently updated,
scan frequently, and log results frequently. No
specific frequency is given, but it must make sense.

KEY TAKEAWAYS

/01 PREVENT MALWARE

Requirement 5 is about constantly running AV
software on all machines that is updated, regularly
scans, logs results, and cannot be turned off.

/02 5.1 COMMONLY AFFECTED

All machines that are commonly affected by malware
must have AV running on them, with no exceptions,
even if the host OS seems “safe”.

/03 5.2 FREQUENT U/S/L

This point is about frequently updating, scanning, and
logging. The AV must be up-to-date, it must run scans
regularly, and the logs must be kept.

/04 5.3 USERS CAN’T TURN OFF

5.3 is all about users not being able to individually turn
off the AV in their machines if they feel like it. There
are specific exceptions, requiring good justifications.

/05 5.4 DOCUMENT/ENFORCE


The final requirement is about making sure these
policies and procedures are documented, and put to
use by employees.
