PCI DSS and BS10008
The Kinamik Secure Audit Vault helps organizations comply with the following standards:
  • Payment Card Industry Data Security Standard (PCI DSS): This is an international industry standard administered by the PCI Council and enforced by the sponsoring credit card brands. It defines a standard baseline level of security to be implemented to protect credit card data. Non-compliance with the standard may result in significant fines and in being barred from participating in the payment schemes of PCI Council members. PCI DSS is designed to protect cardholder data, detect security breaches and react appropriately. The Kinamik Secure Audit Vault adds significant value to the monitoring and detection requirements of the standard and can be a differentiating factor, especially in responding to legal requirements for handling sensitive data. As an example, it specifically addresses Section 10.5.5: "Use file integrity monitoring and change detection software on logs to ensure that existing log data cannot be changed without generating alerts (although new data being added should not cause an alert)". Other sections are also fully addressed, such as those related to controlling access to the log information and having some data mining capabilities.
  • BS 10008 Evidential weight and legal admissibility of electronic information: This standard has recently been released to ensure the legal admissibility of electronic data. To achieve this, "information needs to be managed by a secure system throughout its lifetime (which can be for many years). Where doubt can be placed on the information, the evidential weight may well be reduced, potentially harming the legal case". The Kinamik Secure Audit Vault facilitates compliance by providing a tamper-evident platform in which audit data can be preserved to ensure its integrity and authenticity. It also provides confidentiality by encrypting this sensitive information.