PCI Compliance

Home Downloads Order  
 

Up
Products
Specials
Site Map
Support
Tech Info
Contact
Search

 

Time Stamp Feature
PCI Compliance
FDA
Utility Industry

 

 

 

 

 

 

 

PCI DSS Compliant Time Keeping with ClockWatch
 

PCI Compliance
Single Computer Solution
Network Solutions with Client/Server
How to Order

PCI Data Security Standard Overview

The Payment Card Industry (PCI)  Data Security Standard (DSS) is a worldwide information security standard assembled by the Payment Card Industry Security Standards Council (PCI SSC). The standard was created to help organizations that process card payments prevent credit card fraud through increased controls around data and its exposure to compromise. The standard applies to all organizations which hold, process, or pass cardholder information from any card branded with the logo of one of the card brands

The standard, PCI Data Security Standard Requirements and Security Assessment Procedures, uses as its foundation the 12 PCI DSS requirements, and combines them with corresponding testing procedures into a security assessment tool. Within the requirements are the need to keep all system clocks synchronized (req. 10.4)

The current version of the standard (1.2)[ specifies 12 requirements for compliance, organized into six logically related groups, which are called "control objectives."

Requirement 10 details the need for users to synchronize all system clocks.

 

Requirement 10 Regularly Monitor and Test Networks

Requirement 10: Track and monitor all access to network resources and cardholder data.
Logging mechanisms and the ability to track user activities are critical in preventing, detecting, or minimizing the impact of a data compromise. The presence of logs in all environments allows thorough tracking, alerting, and analysis when something does go wrong. Determining the cause of a compromise is very difficult without system activity logs.

PCI DSS Requirements

10.4 Synchronize all critical system clocks and times.

10.4 Obtain and review the process for acquiring and distributing the correct time within the organization, as well as the time-related system-parameter settings for a sample of system components. Verify the following is included in the process and implemented:

10.4.a Verify that a known, stable version of NTP (Network Time Protocol) or similar technology, kept current per PCI DSS Requirements 6.1 and 6.2 (software patches and updates), is used for time synchronization.

10.4.b Verify that internal servers are not all receiving time signals from external sources. [Two or three central time servers within the organization receive external time signals [directly from a special radio, GPS satellites, or other external sources based on International Atomic Time and UTC (formerly GMT)], peer with each other to keep accurate time, and share the time with other internal servers.]

10.4.c Verify that specific external hosts are designated from which the timeservers will accept NTP time updates (to prevent a malicious individual from changing the clock). Optionally, those updates can be encrypted with a symmetric key, and access control lists can be created that specify the IP addresses of client machines that will be provided with the NTP service (to prevent unauthorized use of internal time servers).
 

 Beagle Software has an PCI compliant solution that keeps your Windows computer or network synchronized to the atomic clock.

Beagle Software's Solution for PCI Compliance

Beagle Software's approach is a simple yet powerful software application that use the hardware and system software you already run.  In essence the approach features a main time-synchronization program that keeps the computer it is running on set to the correct time.  The approach is scalable - it allows other computers on the network to get the correct time or can provide the exact time to a specialized time stamping order printer.

Beagle Software's systems offer you an easy way to implement PCI compliance at your firm:

  • Single computers can keep in sync by running ClockWatch Pro
  • Networked computers can run ClockWatch Client/Server.  

The advantages of Beagle Software's PCI compliant time synchronization solution include:

  • Your computer or network stays within 1 second of the atomic time.

  • The solution meets the requirements of PCI Standard section 10.4

  • ClockWatch software maintains the correct time and logs all time settings with the NIST
  • Clocks can be locked down to prevent unauthorized users from changing date or time.

Synchronizing a Single Computer with the Atomic Clock

ClockWatch Pro offers a simple and effective means of keeping a single computer synchronized with the atomic clock. More...

Client/Server for Network Time Synchronization

When maintaining two or more networked computers at the correct time, we offer a Client/Server software solution that will keep an entire network set to the correct time.

acts as network time source for PC workstationsIn the diagram, ClockWatch Server is  servicing the time requests from workstations running ClockWatch Client. ClockWatch Server also keeps the computer it is running on set to the correct time by accessing external timeservers over the Internet or through a directly dialed connection. The trader's applications use the correct time maintained by ClockWatch.

The ClockWatch host server's job is to keep the time accurate on the host and to process requests and send appropriate responses. The ClockWatch Client's job is to send requests to the ClockWatch server to maintain the correct time.  All interaction with external timeservers is done by the host server. The communication link with the clients must be a network (e.g. Ethernet) connection.

How it works

  • Server is installed on the computer which acts as the enterprise-wide timeserver.
  • Server is listening on the LAN / WAN for client requests.
  • Server makes periodic calls to the NIST to keep the time accurate on the computer it is running on. To make the connection it uses the native Internet connection or gets time from GPS satellites, WWV broadcast or CDMA cell phone transmitters
  • Independently, a workstation running ClockWatch Client can synchronize to standard   time from Server over the LAN or WAN using the sockets protocol.
  • Server responds to each client with correct time, logging client request.
  • Since clients don't need to talk to timeservers on the Internet therefore Internet traffic is reduced and the integrity of corporate firewalls is maintained.
    •
  • Client adjusts time for time zone and sets internal clock to correct time, logging the time change.
  • Clocks can be locked down to prevent unauthorized date or time changes.
    •

Why Use Beagle Software?

As a potential Beagle Software customer, you can be secure in the knowledge that you would be working with a vendor who specializes in installing Client/Server time synchronization solutions for the Retail Industry.

Evaluating and Purchasing ClockWatch Client/Server

ClockWatch Pro and Client/Server software can be downloaded from our web site to allow for real-time evaluation. Just choose the packages from the Download Page. Please note that the evaluation version of ClockWatch Server will only work with a single ClockWatch Client.  When Client licenses are purchased, Beagle Software will provide the key codes to handle multiple clients. All products can be ordered on-line.

Potential customers can also request a free demonstration CD-ROM containing working versions of all the Client/Server application.  Request the free CD-ROM.

For more information or field engineering support contact Beagle Software.
ClockWatch main Page
  Products | Specials | Site Map | Support | Tech Info | Contact | Search | Search
Copyright © 2009 Beagle Software. All rights reserved
Last reviewed August 18, 2009