A Unified, Template-Based Approach to Policy Enforcement
CPC provides the ability to create templates that address the specific regulatory requirements of SOX, Basel III, HIPAA, and PCI DSS, as well as those of internal corporate policies. This template-based control of native definitions, deviation reporting, and remediation for each computing platform eliminates redundancy and brings a consistent level of compliance across all systems.
Templates can be applied across multiple servers of the same type; for example, a template can be created that covers all SQL servers. Using these templates, administrators run compliance check reports against the actual definitions on each system to quickly see any deviations from the policy’s template. When deviations are found, administrators have the option of aligning the actual definitions in the system to those of the policy with a just a couple clicks of the mouse. In addition, all CPC reports can be customized; for instance, information can be categorized into policy groups or shown across platforms.
Smart Alerts and Real-Time Monitoring
Built-in intrusion detection and alerting mechanisms provide real-time security and compliance monitoring via instant e-mail and pop-ups. Administrators can define specific alert parameters to ensure any event that meets these parameters will generate a notification. This ensures security officers are immediately notified in order to quickly respond to any deviations from a policy.
CPC can be used in unison with the Enforcive audit log monitoring solution, Cross Platform Audit (CPA). This integration sends the audit trails from CPC directly to CPA for correlation analysis along with log events from other sources such as IBM i, Windows servers, AIX, Linux, DB2, SQL Server, and many other sources. This provides security administrators with a high-level view of all compliance-related activity as well as the ability to drill down and identify any suspicious action that caused a system to deviate from the established policy.
Add Pre-Defined Compliance Templates and Professional Services
Predefined templates, alerts, and compliance definitions are included with CPC that can be mapped to specific regulatory standards, such as PCI DSS. In addition, Vision’s professional services staff is available to advise your IT teams as well as to develop and implement a framework for managing policies that meet compliance regulations and other internal policy requirements. By leveraging our expertise, compliance projects are implemented more quickly, and commonly encountered security and compliance obstacles are resolved sooner.
Benefits and Features
- Helps organizations more easily achieve compliance with industry regulations like SOX, Basel III, HIPAA, and PCI DSS
- Allows system administrators, security officers, and auditors to define a variety of security policies for each system, check them at will, and then enforce system definitions to ensure conformance with policyy
- Makes it easy for system administrators who are not technical experts on all platforms to effectively monitor compliance from a central console
- Maintains a documented security policy that can be instantly presented to auditors
- Applies remediation to policy deviations either on-demand or at a specified schedule
- Assures executive management that corporate policy is enforced across the enterprise, not simply documented on paper
- Discovers and pinpoints any security parameters that have not been defined in accordance with policy—e.g., user attributes and permissions
- Lists policy deviations both on screen and through reports that can be defined in various file formats
- Retains a history of all compliance checks