The Retailer's Guide to Becoming and Remaining PCI Compliant

Change vs. Modification
Any retail organization that's considered by PCI has a need to actively monitor in-scope and critical files for change. These days, the amount of changes that may have to be monitored can add significant administrative time to the process of identifying those key changes that are critical and significant to the security or compliance of the organization. A solution put in place that has the ability to stop or block unauthorized change to critical assets will greatly reduce the administrative work of sorting through all the expected and unexpected changes.