Reading Football Club has enhanced its internal systems monitoring as part of its preparations to comply with the latest Payment Card Industry Data Security Standards (PCI DSS).
The club has bought Tripwire Express software to ensure the thousands of credit card transactions it processes every month are secure and that it is compliant with new standards which are due to be introduced this autumn.
Tripwire Express monitors changes to system files on the club’s servers, which Garry Hanson, IT manager of Reading FC, virtualised about four years ago. It then generates reports that Hanson is required to check every day.
"It [the software] monitors any system file and any changes, even when I upgrade patches on my servers," said Hanson.
The software runs on a Windows server and uses an SQL database. The organisation has 14 virtualised servers and two standalone IBM AS/400 servers used for ticketing.
"The software is easy to use and the reports generated through the system will reduce the overheads associated with maintaining our IT systems, whilst making ongoing PCI audits much quicker," Hanson added.
It joins the football club’s other PCI compliance tools, which include four firewalls from SonicWALL. PCI guidelines specify that merchants are required to install and maintain a firewall configuration to protect cardholder data.
The PCI Security Standards Council announced last month that it expected to issue a summary for a new PCI standard by the summer, which would go into effect in October.