
Protect assets from tampering or unapproved substitution.


CONTROL ID
11902
CONTROL TYPE
Physical and Environmental Protection
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Establish, implement, and maintain an anti-tamper protection program., CC ID: 10638

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • keypad covers and anti-skimming devices (if the use of cards is needed) should be installed in terminals that require customers to input PIN for transaction authentication. Frequent patrols of terminals should be undertaken both during and after office hours in order to check the physical security o… (§ 7.3.2(ii), Hong Kong Monetary Authority Supervisory Policy Manual TM-E-1 Risk Management of E-Banking, v.2)
  • To protect the computer systems against malicious programs, proper precautions should be taken against intrusion of computer viruses and tampering with programs due to unauthorized access. (P20.1. ¶ 1, FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
  • For air-conditioning facilities installed outside of a building such as on the top of the building or in the site, it is necessary to take measures against intrusion by outsiders and the destruction of equipment in order to protect the computer system from hazardous influence. (F77.1. ¶ 1, FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
  • Information system assets should be adequately protected from unauthorised access, misuse or fraudulent modification, insertion, deletion, substitution, suppression or disclosure. (§ 4.1.1, Monetary Authority of Singapore: Technology Risk Management Guidelines)
  • Implement tamper-resistant keypads to ensure that customers’ PINs are encrypted during transmission; (§ 13.2.2.c, Monetary Authority of Singapore: Technology Risk Management Guidelines)
  • Supporting assets are protected. Disposal of supporting assets is conducted in accordance with one of the relevant standards (e.g. ISO 21964, at least Security Level 4). (C) (3.1.3 Additional requirements for high protection needs Bullet 1, Information Security Assessment, Version 5.1)
  • User data, and the assets storing or processing it, should be protected against physical tampering, loss, damage or seizure. (2. ¶ 1, Cloud Security Guidance, 1.0)
  • Your data, and the assets storing or processing it, should be protected against physical tampering, loss, damage or seizure. (2: ¶ 1, Cloud Security Guidance, 1.0)
  • Your data (and the assets storing or processing it) should be adequately protected. (2. ¶ 1, Cloud Security Guidance, 2)
  • Make security-related technology resistant to tampering, and do not disclose security documentation unnecessarily. (DS5.7 Protection of Security Technology, CobiT, Version 4.1)
  • Host devices shall provide the capability to support tamper resistance and detection mechanisms to protect against unauthorized physical access into the device. (14.6.1 ¶ 1, IEC 62443-4-2: Security for industrial automation and control systems – Part 4-2: Technical security requirements for IACS components, Edition 1.0)
  • Network devices shall provide tamper resistance and detection mechanisms to protect against unauthorized physical access into the device. (15.8.1 ¶ 1, IEC 62443-4-2: Security for industrial automation and control systems – Part 4-2: Technical security requirements for IACS components, Edition 1.0)
  • Use APs with tamper-proof chassis and mounting options that prevent physical access to ports and reset features. (4.1.1 B, Information Supplement: PCI DSS Wireless Guidelines, Version 2.0)
  • Protect devices that capture payment card data via direct physical interaction with the card from tampering and substitution. (9.9, Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures, 3.1 April 2015)
  • Protect devices that capture payment card data via direct physical interaction with the card from tampering and substitution. (9.9, Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures, v3.2.1)
  • Protect devices that capture payment card data via direct physical interaction with the card from tampering and substitution. (9.9, Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures, Version 3.2)
  • Are devices that capture payment card data via direct physical interaction with the card protected against tampering and substitution as follows? (9.9, Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire B-IP and Attestation of Compliance, Version 3.1)
  • Are devices that capture payment card data via direct physical interaction with the card protected against tampering and substitution as follows? (9.9, Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire C and Attestation of Compliance, Version 3.1)
  • Are either video cameras or access-control mechanisms (or both) protected from tampering or disabling? (9.1.1(b), Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire C and Attestation of Compliance, Version 3.2)
  • Are devices that capture payment card data via direct physical interaction with the card protected against tampering and substitution as follows? (9.9, Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire D and Attestation of Compliance for Merchants, Version 3.1)
  • Are devices that capture payment card data via direct physical interaction with the card protected against tampering and substitution as follows? (9.9, Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire D and Attestation of Compliance for Merchants, Version 3.2)
  • Are either video cameras or access-control mechanisms (or both) protected from tampering or disabling? (9.1.1(b), Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire D and Attestation of Compliance for Merchants, Version 3.2)
  • Do policies and procedures require that devices are periodically inspected to look for tampering or substitution? (9.9 (b), Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire D and Attestation of Compliance for Service Providers, Version 3.1)
  • Are either video cameras or access-control mechanisms (or both) protected from tampering or disabling? (9.1.1(b), Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire D and Attestation of Compliance for Service Providers, Version 3.2)
  • Are devices that capture payment card data via direct physical interaction with the card protected against tampering and substitution as follows? (9.9, Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire D and Attestation of Compliance for Service Providers, Version 3.2)
  • Are devices that capture payment card data via direct physical interaction with the card protected against tampering and substitution as follows? (9.9, Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire P2PE and Attestation of Compliance, Version 3.1)
  • Examine documented policies and procedures to verify they include: - Maintaining a list of devices - Periodically inspecting devices to look for tampering or substitution - Training personnel to be aware of suspicious behavior and to report tampering or substitution of devices. (9.9, Payment Card Industry (PCI) Data Security Standard, Testing Procedures, Version 3.2)
  • The HSM uses tamper-detection and response mechanisms that cause it to become immediately inoperable and result in the automatic and immediate erasure of any sensitive data that may be stored in the HSM, such that it becomes infeasible to recover the sensitive data. These mechanisms protect against … (A1, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 2.0)
  • Failure of a single security mechanism does not compromise HSM security. Protection against a threat is based on a combination of at least two independent security mechanisms. If the HSM relies upon visible tamper evidence for protection, the HSM has characteristics such that penetration of the devi… (A2, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 2.0)
  • The HSM is assembled in a manner that the components used in the manufacturing process are those components that were certified by the Physical Security Requirements evaluation, and that unauthorized substitutions have not been made. (D3, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 2.0)
  • The HSM should be protected from unauthorized modification with tamper-evident security features, and customers shall be provided with documentation (both shipped with the product and available securely online) that provides instruction on validating the authenticity and integrity of the HSM. Where … (E1, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 2.0)
  • The device uses tamper-detection and response mechanisms that cause it to become immediately inoperable and result in the automatic and immediate erasure of any sensitive data that may be stored in the device, such that it becomes infeasible to recover the sensitive data. These mechanisms protect ag… (A1, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 3.0)
  • The device should be protected from unauthorized modification with tamper-detection security features, and customers shall be provided with documentation (both shipped with the product and available securely online) that provides instruction on validating the authenticity and integrity of the device… (J1 ¶ 1, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 3.0)
  • Shipped and stored in tamper-evident packaging; and/or (J3 Bullet 1, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 3.0)
  • The device is assembled in a manner that the components used in the manufacturing process are those components that were certified by the Physical Security Requirements evaluation, and that unauthorized substitutions have not been made. (I3, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 3.0)
  • POI devices that capture payment card data via direct physical interaction with the payment card form factor are protected from tampering and unauthorized substitution, including the following: (9.5.1, Payment Card Industry Data Security Standard Requirements and Testing Procedures, Defined Approach Requirements, Version 4.0)
  • Monitoring devices or mechanisms are protected from tampering or disabling. (9.2.1.1 Bullet 2, Payment Card Industry Data Security Standard Requirements and Testing Procedures, Defined Approach Requirements, Version 4.0)
  • Examine documented policies and procedures to verify that processes are defined that include all elements specified in this requirement. (9.5.1, Payment Card Industry Data Security Standard Requirements and Testing Procedures, Defined Approach Testing Procedures, Version 4.0)
  • Observe locations where individual physical access to sensitive areas within the CDE occurs to verify that either video cameras or physical access control mechanisms (or both) are protected from tampering or disabling. (9.2.1.1.b, Payment Card Industry Data Security Standard Requirements and Testing Procedures, Defined Approach Testing Procedures, Version 4.0)
  • POI devices that capture payment card data via direct physical interaction with the payment card form factor are protected from tampering and unauthorized substitution, including the following: (9.5.1, Self-Assessment Questionnaire B and Attestation of Compliance for use with PCI DSS Version 4.0)
  • POI devices that capture payment card data via direct physical interaction with the payment card form factor are protected from tampering and unauthorized substitution, including the following: (9.5.1, Self-Assessment Questionnaire B-IP and Attestation of Compliance for use with PCI DSS Version 4.0)
  • Monitoring devices or mechanisms are protected from tampering or disabling. (9.2.1.1 Bullet 2, Self-Assessment Questionnaire C and Attestation of Compliance for use with PCI DSS Version 4.0)
  • POI devices that capture payment card data via direct physical interaction with the payment card form factor are protected from tampering and unauthorized substitution, including the following: (9.5.1, Self-Assessment Questionnaire C and Attestation of Compliance for use with PCI DSS Version 4.0)
  • Monitoring devices or mechanisms are protected from tampering or disabling. (9.2.1.1 Bullet 2, Self-Assessment Questionnaire D for Merchants and Attestation of Compliance for use with PCI DSS Version 4.0)
  • POI devices that capture payment card data via direct physical interaction with the payment card form factor are protected from tampering and unauthorized substitution, including the following: (9.5.1, Self-Assessment Questionnaire D for Merchants and Attestation of Compliance for use with PCI DSS Version 4.0)
  • Monitoring devices or mechanisms are protected from tampering or disabling. (9.2.1.1 Bullet 2, Self-Assessment Questionnaire D for Service Providers and Attestation of Compliance for use with PCI DSS Version 4.0)
  • POI devices that capture payment card data via direct physical interaction with the payment card form factor are protected from tampering and unauthorized substitution, including the following: (9.5.1, Self-Assessment Questionnaire D for Service Providers and Attestation of Compliance for use with PCI DSS Version 4.0)
  • POI devices that capture payment card data via direct physical interaction with the payment card form factor are protected from tampering and unauthorized substitution, including the following: (9.5.1, Self-Assessment Questionnaire P2PE and Attestation of Compliance for use with PCI DSS Version 4.0)
  • Logging facilities and log information shall be protected against tampering and unauthorized access. (A.12.4.2 Control, ISO 27001:2013, Information Technology - Security Techniques - Information Security Management Systems - Requirements, 2013)
  • Logging facilities and log information should be protected against tampering and unauthorized access. (§ 12.4.2 Control, ISO/IEC 27002:2013(E), Information technology — Security techniques — Code of practice for information security controls, Second Edition)
  • SL 4 – Protect the integrity of the IACS against manipulation by someone using sophisticated means with extended resources, IACS specific skills and high motivation. (7.1 ¶ 1 Bullet 4, Security for Industrial Automation and Control Systems, Part 4-2: Technical Security Requirements for IACS components)
  • Integrity verification methods are employed to detect, record, report and protect against software and information tampering that may occur if other protection mechanisms (such as authorization enforcement) have been circumvented. Components should employ formal or recommended integrity mechanisms (… (7.6.2 ¶ 1, Security for Industrial Automation and Control Systems, Part 4-2: Technical Security Requirements for IACS components)
  • Network devices shall provide tamper resistance and detection mechanisms to protect against unauthorized physical access into the device. (15.8.1 ¶ 1, Security for Industrial Automation and Control Systems, Part 4-2: Technical Security Requirements for IACS components)
  • Host devices shall provide the capability to support tamper resistance and detection mechanisms to protect against unauthorized physical access into the device. (14.6.1 ¶ 1, Security for Industrial Automation and Control Systems, Part 4-2: Technical Security Requirements for IACS components)
  • Employ [Assignment: organization-defined anti-tamper technologies] to [Selection (one or more): detect; prevent] physical tampering or alteration of [Assignment: organization-defined hardware components] within the system. (PE-3(5) ¶ 1, Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 2 Controls)
  • Employ [Assignment: organization-defined anti-tamper technologies] to [Selection (one or more): detect; prevent] physical tampering or alteration of [Assignment: organization-defined hardware components] within the system. (PE-3(5) ¶ 1, Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 3 Controls)
  • The CSP SHALL employ physical tamper detection and resistance features appropriate for the environment in which it is located. For example, a kiosk located in a restricted area or one where it is monitored by a trusted individual requires less tamper detection than one that is located in a semi-publ… (5.3.3.2 ¶ 2.6, Digital Identity Guidelines: Enrollment and Identity Proofing, NIST SP 800-63A)
  • All security features SHOULD maintain their function for the life of the card. As a generally accepted security procedure, federal departments and agencies SHOULD periodically review the viability, effectiveness, and currency of employed tamper resistance and anti-counterfeiting methods. (4.1.2 ¶ 10, FIPS Pub 201-3, Personal Identity Verification (PIV) of Federal Employees and Contractors)
  • The organization employs [Assignment: organization-defined security safeguards] to [Selection (one or more): detect; prevent] physical tampering or alteration of [Assignment: organization-defined hardware components] within the information system. (PE-3(5) ¶ 1, Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Revision 4)
  • Employ [Assignment: organization-defined anti-tamper technologies] to [Selection (one or more): detect; prevent] physical tampering or alteration of [Assignment: organization-defined hardware components] within the system. (PE-3(5) ¶ 1, Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • Employ [Assignment: organization-defined anti-tamper technologies] to [Selection (one or more): detect; prevent] physical tampering or alteration of [Assignment: organization-defined hardware components] within the system. (PE-3(5) ¶ 1, Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)
  • The organization employs [Assignment: organization-defined security safeguards] to [Selection (one or more): detect; prevent] physical tampering or alteration of [Assignment: organization-defined hardware components] within the information system. (PE-3(5) ¶ 1, Supply Chain Risk Management Practices for Federal Information Systems and Organizations, NIST Special Publication 800-161, April 2015)
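Two of the cited requirements describe a concrete practice rather than a bare obligation: PCI DSS 9.9 / 9.5.1 (maintain a list of devices and periodically inspect them for tampering or substitution) and IEC 62443-4-2 7.6.2 (integrity verification that detects, records and reports tampering). The following is an added example, not code from any of the standards listed above, showing how an inspection round can be checked against a trusted device inventory: each observed device's serial, model, placement and firmware hash are compared with the baseline, and the baseline itself carries an HMAC so that silently editing the list is detected. Every serial number, model name, location, firmware byte string and the signing key are constructed for the example; in practice the key would be held in an HSM or KMS and the firmware hash would be read from the device through its management interface.

```python
"""Baseline-driven tamper/substitution inspection for deployed devices (added example)."""
from __future__ import annotations

import hashlib
import hmac
import json
from dataclasses import asdict, dataclass


@dataclass(frozen=True)
class Device:
    serial: str
    model: str
    location: str
    firmware_sha256: str  # hex digest of the firmware image read from the device


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed data: three deployed PIN-entry devices on one known-good firmware.
GOOD_FW = sha256_hex(b"constructed firmware image v1.4")
BASELINE = [
    Device("SN-1001", "PED-X", "lane-1", GOOD_FW),
    Device("SN-1002", "PED-X", "lane-2", GOOD_FW),
    Device("SN-1003", "PED-X", "office", GOOD_FW),
]
BASELINE_KEY = b"constructed-inventory-signing-key"  # hypothetical; keep in HSM/KMS


def canonical(baseline: list[Device]) -> bytes:
    """Stable serialization so the MAC does not depend on record ordering."""
    rows = sorted((asdict(d) for d in baseline), key=lambda r: r["serial"])
    return json.dumps(rows, sort_keys=True, separators=(",", ":")).encode()


def sign_baseline(baseline: list[Device], key: bytes) -> str:
    return hmac.new(key, canonical(baseline), hashlib.sha256).hexdigest()


def verify_baseline(baseline: list[Device], key: bytes, tag: str) -> bool:
    return hmac.compare_digest(sign_baseline(baseline, key), tag)


def inspect(baseline: list[Device], observed: list[Device]) -> dict[str, list[str]]:
    """Compare an inspection round against the baseline and classify findings."""
    by_serial = {d.serial: d for d in baseline}
    findings: dict[str, list[str]] = {"substituted": [], "moved": [], "tampered": [], "missing": []}
    seen: set[str] = set()
    for dev in observed:
        base = by_serial.get(dev.serial)
        if base is None:
            # A serial that is not in the inventory is a possible substitution.
            findings["substituted"].append(f"{dev.location}: unknown device {dev.serial} ({dev.model})")
            continue
        seen.add(dev.serial)
        if dev.location != base.location:
            findings["moved"].append(f"{dev.serial}: expected {base.location}, found {dev.location}")
        if dev.model != base.model or not hmac.compare_digest(dev.firmware_sha256, base.firmware_sha256):
            # Model or firmware differs from the recorded baseline: possible tampering.
            findings["tampered"].append(f"{dev.serial}: model/firmware differ from baseline")
    for serial in sorted(by_serial.keys() - seen):
        findings["missing"].append(f"{serial}: not found at {by_serial[serial].location}")
    return findings


def run_inspection(baseline: list[Device], key: bytes, tag: str, observed: list[Device]) -> dict[str, list[str]]:
    """Refuse to inspect against an inventory whose MAC does not verify."""
    if not verify_baseline(baseline, key, tag):
        raise ValueError("baseline inventory failed integrity check; treat the list as tampered")
    return inspect(baseline, observed)


# Constructed inspection round: lane-2 holds an unknown unit (substitution),
# the office unit runs unexpected firmware (tampering), and SN-1002 is gone.
OBSERVED = [
    Device("SN-1001", "PED-X", "lane-1", GOOD_FW),
    Device("SN-9999", "PED-X", "lane-2", GOOD_FW),
    Device("SN-1003", "PED-X", "office", sha256_hex(b"modified firmware")),
]

if __name__ == "__main__":
    tag = sign_baseline(BASELINE, BASELINE_KEY)
    for category, items in run_inspection(BASELINE, BASELINE_KEY, tag, OBSERVED).items():
        for item in items:
            print(f"[{category}] {item}")
```

The MAC over the inventory matters as much as the per-device comparison: an attacker who can swap a terminal can often also edit the spreadsheet that lists terminals, and an unauthenticated baseline turns the inspection into a check against whatever the attacker wrote down.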