Compliance Categories
You can use log data in organizations to manage the extreme challenges of meeting IT controls.
Identity and Access Management
The LogLogic® Compliance Suite - FISMA Edition includes reports and alerts to show that all related systems (that is, networks, applications, and databases) are appropriately secured to prevent unauthorized use, disclosure, modification, damage or loss of data.
The risks of non-compliance might result in unauthorized and inappropriate access to key systems, which might negatively impact the security, integrity, accuracy, and completeness of information.
User Activities Monitoring
The LogLogic® Compliance Suite - FISMA Edition includes reports and alerts to allow customers to continuously monitor the IT infrastructure for any security violations. Reports are provided in a format meaningful to the stakeholders. The monitoring statistics must be analyzed and acted upon to identify the negative and positive trends for individual services as well as for the services overall.
The risks of non-compliance in this area could significantly impact service availability as well as the security of the IT infrastructure, which might negatively impact the security, integrity, accuracy and completeness of information.
Change and Configuration Management
The LogLogic® Compliance Suite - FISMA Edition includes reports and alerts to show that all systems and system changes are appropriately requested, approved, tested, and validated by authorized personnel before the implementation to the production environment. These reports and alerts can also show that the division of roles and responsibilities, have been implemented to reduce the possibility for a single individual to subvert a critical process. The management needs to make sure that the personnel is performing only authorized duties relevant to their respective jobs and positions.
The risks of non-compliance might result in unauthorized changes and improper roll-out of new source code to key systems. This might negatively impact the security, integrity, accuracy, and completeness of the information.
Security and Threat Management
The LogLogic® Compliance Suite - FISMA Edition includes reports and alerts to show that all network security devices, including firewalls which control computer traffic into a company’s network, as well as IDS systems which monitor the computer traffic, have been configured appropriately to allow only the requested and approved traffic in and out of the network.
The risks of non-compliance might result in unauthorized access from the Internet. Often, seemingly insignificant paths to and from the Internet can provide unprotected pathways into key systems. Firewalls are a key protection mechanism for any computer network.
Availability and Continuity Management
The LogLogic® Compliance Suite - FISMA Edition includes reports and alerts to monitor the availability of critical IT infrastructure components. Setup alerts to monitor when critical components are sending an abnormal amount of log data, which could indicate attacks on the component or that there are system errors, or have stopped sending log data, which could indicate failure of these components.
The risk of non-compliance could significantly impact the business viability and could prevent an organization from recording transactions and thereby undermine its integrity.
Capacity and Performance Management
The LogLogic® Compliance Suite - FISMA Edition includes reports and alerts to monitor the performance and capacity of the IT infrastructure on a regular basis. For example, reports can be automatically generated to ensure that CPU, memory or disk utilizations are exceeding the predefined thresholds. Deficiencies in this area could impact the resilience of the infrastructure and the availability of critical resources.