Compliance Reports and Alerts Overview

Log data allows organizations to manage the challenge of achieving and maintaining ITL and ITSM compliance. TIBCO LogLogic’s compliance reports and alerts generally fall into the following categories:

  • Security and Threat Management
  • Change and Configuration Management
  • Identity and Access Management
  • Monitoring and Reporting

Security and Threat Management

The TIBCO LogLogic® Compliance Suite - ITIL Edition includes reports and alerts to show that all network security devices, including firewalls which control traffic into a company’s network, as well as intrusion detection systems which monitor the traffic, have been configured appropriately to allow only the requested and approved traffic in and out of the network.

Non-compliance in this area may result in unauthorized access from the Internet. Often, seemingly insignificant paths to and from the Internet can provide unprotected pathways into key systems. Firewalls are a key protection mechanism for any computer network and they are featured prominently in the TIBCO LogLogic® Compliance Suite - ITIL Edition.

Change and Configuration Management

The TIBCO LogLogic® Compliance Suite - ITIL Edition includes reports and alerts to show that all system changes are appropriately requested, approved, tested, and validated by authorized personnel prior to implementation in the production environment.

Non-compliance in this area may result in unauthorized changes and/or improper roll-out of new source code to key systems. This may negatively impact the confidentiality, integrity, and availability of information.

Identity and Access Management

The TIBCO LogLogic® Compliance Suite - ITIL Edition includes reports and alerts to show that all ITL and ITSM-related systems (i.e., networks, applications, and databases) are appropriately secured to prevent unauthorized use, disclosure, modification, damage or loss of data, and that the division of roles and responsibilities has been implemented to reduce the possibility for a single individual to subvert a critical process. Management needs to ensure that personnel are performing only authorized duties relevant to their respective jobs and positions.

Non-compliance may result in unauthorized or inappropriate access to key systems, which may negatively impact the confidentiality, integrity, and availability of information.

Monitoring and Reporting

The TIBCO LogLogic® Compliance Suite - ITIL Edition includes reports and alerts to allow customers to continuously monitor the IT infrastructure for security violations and other anomalies. Reports are provided in a format meaningful to stakeholders. The monitoring statistics should be analyzed and acted upon to identify trends for individual systems and the overall ITL and ITSM environment.

Non-compliance in this area could significantly impact service availability as well as security of the IT infrastructure.