백서 수집 도서실:
ObserveIT의 감사 분석 전문가로부터의 사용자 감사 교육
Strangers in Your Servers: Making Working with Contractors More Secure
Nearly 90% of data breaches are accomplished via remote access to a company's systems and 76% of data-breaches investigated were due to the direct exploitation of remote vendor access channels. However, Internet-based remote access systems are critical for numerous business functions, so simply eliminating them is not an option. ObserveIT's unique approach to session recording and analysis is the future-proof way forward.
Why You Need a Surveillance Camera for your IT Systems
Any detective will tell you how helpful it is to have clear and undisputed video evidence of a crime. Imagine that a perpetrator comes onto your property, looks straight into the surveillance camera to give you a clear shot of his face, and proceeds to do his dirty work with every action he performs caught on video. Once the person is caught and goes on trial for his crime, his attorney will find it hard to refute the evidence because it's all there for the jury to see. Now you can have that same kind of evidence for your IT systems.
Ensuring Security While Maintaining Privacy
Under the increasing burden of regulatory compliance such as PCI, HIPAA, SOX, NERC and ISO 27001, companies are more and more seeking some form of monitoring platform for recording employee activity. Not surprisingly, this has been met with concern on the part of employees, who fear that employee monitoring is stepping on their rights to privacy in the workplace. However, a combination of transparency and common sense can bridge these two seemingly diametric positions. After all, if an employer seeks to simply meet regulatory compliance, and can do so without infringing on employee rights, then both sides will benefit from greater efficiency, clarity and profitability...
Addressing Singapore's TRM with User Activity Monitoring
In June 2013, the Monetary Authority of Singapore released a Technology report, which highlights industry best practice standards to guide financial risk management and security. This document presents a high-level look activithy monitoring solution addresses these requirements.
How ObserveIT Addresses Key Hong Kong IT Security Guidelines
A high-level look at how ObserveIT's user activity recording and logging solution addresses a number of the key Guidelines. Also mentioned are a number of the Hong Kong Monetary Authority's General Principles for Technology Risk Management [TM-G-1] (version V.1–24.06.03) addressed by ObserveIT.
How ObserveIT Addresses Key National Indian Gaming Commission IT Controls
The National Indian Gaming Commission's Minimum Internal Control Standards for Class II Gaming specifies, in 25 CFR Part 543.20, the minimum internal control standards required for information technology and information technology data. ObserveIT's session recording and logging solution is the perfect means to implement key controls involve the logging and monitoring of all activity performed on sensitive systems.
How ObserveIT Addresses Key Australian Information Security Controls
The Australian Government's Information Security Manual (September 2012) specifies a wide range of information security governance controls. This document presents a high-level look at how ObserveIT's server session recording solution addresses 10 of those controls.
How ObserveIT Addresses Key India DoT Remote Access Security Requirements
In January 2013, the Department of Telecommunications of the Government of India's Ministry of Communications & IT contacted all telecom service providers in India with a set of security and auditing requirements for remote access systems. This document presents a high-level look at how ObserveIT's server session recording solution addresses a number of these key auditing requirements.
How ObserveIT Addresses Key Polish Banking ICT Security Recommendations
In January 2013, the Polish Financial Supervision Authority published Recommendation D, a set of recommendations regarding the management of risks inherent in IT and telecommunication systems used by the banking industry. This document presents a high-level look at how ObserveIT's server session recording solution addresses a number of the key recommendations outlined in Recommendation D.
User Auditing Options for Linux and Solaris
A variety of methods exist for auditing user activity in UNIX and Linux environments. This whitepaper looks at the 5 most popular methods for auditing. Each method is described, along with actionable tips for how to make the best use of each method. In addition, guidance is provided to show what type of auditing each method is best suited for.
If you spend a few minutes browsing the websites of Log Management and SIEM tool vendors, you might come away with the conclusion that all your system audit and compliance problems are solved. Unfortunately, this rosy picture seems to ignore the ever-present problem of blindspots in audit reports: If your apps don't log it, your audit report won't show it.
When Logs Don't Help, by PCI guru Dr. Anton Chuvakin
This paper covers the critical challenges of implementing PCI DSS controls and suggests creative solutions for related compliance and security issues. Specifically, the hard problem of security monitoring and log review in cloud, legacy, and custom application environment is discussed in depth. Additionally, clarification of key PCI DSS compensating controls is provided. This paper will help you satisfy the regulatory requirements and improve security of your sensitive and regulated data.
Easy PCI - How to reduce compliance costs
To respond to the requirements of the Payment Card Industry Data Security Standard regulation (PCI-DSS, or PCI for short), compliance officers must ensure that each user is accountable for all actions performed. For auditing business users, many of these needs can be answered using native system logs. But when it comes to privileged users, the requirements, sensitivities and complexities are all magnified. And when those privileged users happen to be third-party remote vendors, a redoubling of risk factors occurs...
Remote Vendor Monitoring
In the following article, I will demonstrate how to record remote-access VPN gateway sessions. In this deployment, all secure remote access sessions are routed through one or more central remote access gateways, with secondary remote desktop sessions serving as the method to access internal Windows or UNIX servers. All sessions gateway are fully audited and recorded. This recorded session allows Auditors and IT managers to have a full visual audit trail of all connections; identify the source of each connection; and view a step-by-step replay of the actions taken and applications accessed on these machines...
Outgoing VDI Gateways
It is very common for enterprises to use a Terminal Server or Citrix gateway in order to give external vendors access to internal servers or resources. However, we are starting to see a growing adoption of a "mirror-image" of this solution: Service providers that need to connect to multiple customer locations (using different protocols, according to customer requirements) who want to provide a single access point through which all outgoing traffic is routed. These service providers have achieved two important benefits with their outgoing gateway architecture: 1) Ease of administration and lower costs for managing multiple access methods; and 2) Full audit visibility of all actions performed on client servers during remote support sessions...
Companies are investing in high-availability systems and performance monitoring solutions for data centers, but are failing to follow best practice procedures to avoid human errors. As complexity grows in IT infrastructure, administrators are searching for solutions that will help them effectively monitor and maintain these environments. But oddly enough, the simple question "Who last accessed the server and what did he do?" remains one of the toughest questions to answer. This is despite the variety of system management tools in use today. It is not enough to just monitor servers and applications when the #1 cause for server downtime is human error. Ask an expert about high availability, and the conversation quickly turns to the subject of human error...