Solutions: Compliance Solutions (PCI, HIPAA, SOX, etc.)


"Xceedium mitigates one of the highest-impact risks faced by business – the risk of inadequate controls for high-risk user access to the most sensitive information resources."

— Enterprise Management Associates, November 2007



Compliance Solutions

Increasing incidents of unauthorized access and data theft have led internal and external auditors, as well as industry groups, to add their own rules to the growing list of regulations created to protect the most sensitive business and consumer information. The GateKeeper's unique technology delivers the most powerful compliance solution on the market for high-risk users, which includes centralization of access, compartmentalization, containment, comprehensive tracking, monitoring and alerting, and automated reporting.

Compliance Challenges

  • How do you easily encrypt user traffic when you have an older point of sale system?
  • How do you grant access to high-risk users (remote or local) and guarantee they only access the approved systems?
  • How do you provide separation of duties and containment for this user group?
  • How do you monitor high-risk users directly accessing systems and databases?
  • How can you collect evidence to prove malicious or regulated activity?
  • How do you easily deliver comprehensive reports for testing of control?

Xceedium GateKeeper offers a solution for addressing top technology challenges for achieving compliance, including:

  • Authentication of high-risk users accessing systems containing sensitive data
  • Controlling and encrypting access to systems containing sensitive data
  • Containment and risk prevention
  • Tracking and monitoring high-risk users
  • Centralized reporting to validate compliance
  • Alerting for security violations

Xceedium GateKeeper provides an easy and seamless way to meet compliance requirements, designed around a restrictive security model with the ability to compartmentalize access by high-risk users and implement and validate access controls. Xceedium GateKeeper enables businesses to meet compliance requirements and increase operational efficiency easily and cost-effectively. It also provides comprehensive monitoring and reporting of all the activities of high-risk users.


Authentication of High-Risk Users
Xceedium GateKeeper provides a single interface for defining and managing access-related security policies, including user profiles, access privileges and access methods. Its Web-based central management console automatically detects all systems and devices in the environment and provides a consolidated list from which to build your access policy. Xceedium GateKeeper is also integrated with existing IM solutions like Active Directory and other security solutions, including PKI/CAC, RADIUS and endpoint security solutions.

Controlling and Encrypting Access
Xceedium GateKeeper also enables granular compartmentalization for each user at the device, system, port and application level. In a simple centralized interface, all access can be easily and efficiently managed according to compliance standards. This strategy ensures that all users see only what they are supposed to see, and nothing more, and have no visibility into other resources in the infrastructure – hardware, software or data. Additionally, their access can be restricted by time. The Xceedium GateKeeper can also provide an easy, seamless way to phase out client-side access to enterprise applications that use legacy protocols such as Telnet and other cleartext protocols.

The GateKeeper delivers the most powerful compliance solution on the market for high-risk users that includes:

  • Centralization of access,
  • Compartmentalization,
  • Containment,
  • Comprehensive tracking,
  • Monitoring and alerting,
  • Easy, automated reporting.

Containment and Risk Prevention
Xceedium GateKeeper detects and prevents violations of the access security policy with a violations model that includes the ability to define commands and keywords that are prohibited from use (with a white list or black list). If a particular action is a violation, Xceedium GateKeeper prevents it from being completed and issues real-time alerts. For instance, if an administrator is given the ability to Telnet into a router, Xceedium GateKeeper makes it possible to restrict their ability to leapfrog using Telnet to leave the router. Xceedium GateKeeper extends this Leap Frog protection to Windows, Linux and Unix servers by implementing a unique socket filter technology that prevents leapfrogging from authorized servers to unauthorized areas of the infrastructure.

Tracking and Monitoring High-Risk Users
To achieve compliance with monitoring requirements, Xceedium GateKeeper provides an end-to-end view of the activities of high-risk users at all levels, including the command line level, and a complete audit trail that crosses over the many different components and systems and artificial boundaries established in the enterprise. Keystroke logging and patent-pending session recording ensure that all user activity is tracked, including the date and time the user logged into a specific device, and the access method. The duration of the session is logged/recorded for both in-band and out-of-band sessions.

Centralized Reporting for Testing Controls
Xceedium provides easy-to-produce reports that assist companies in testing controls to meet compliance requirements. These reports deliver information on individuals, groups, devices, protocols, violations, etc. and are combined with flexible filtering to make it possible to easily produce the comprehensive audit reports needed to satisfy the compliance requirements of internal and/or external auditors.

© 2008 Xceedium, Inc.