
More on Endpoint Compliance

We are taking a look at "Regulatory Compliance for Endpoints" in small doses. 

Ari Tamman’s article continues:

IT has become the standard that makes up the core of today’s business systems, delivering information, applications and enabling communication. However, the implementation of a system within the IT framework to maintain compliance can be a lot more ambiguous and complicated. Regulations span the entire flow of business information, demanding that activity is monitored and logged at every step. Systems that contain or transmit sensitive corporate information and customer data must be secured from unauthorized access. Other systems critical to business continuity must be secure and auditable to ensure their availability, security and reliability. The COSO and CobiT frameworks recommend enacting risk-management controls by auditing IT systems to identify any weaknesses that could result in unauthorized changes to data. These are just some of the controls that Regulatory Compliance bodies demand. Another new standard emerging is SAS 70 (Statement on Auditing Standards No. 70, Service Organizations), which is designed to audit the internal controls of an organisation. Unlike regulatory bodies, SAS 70 provides an audit report on whether internal controls in place actually work or not.

[SH: Now I see where Ari is going. Promisec’s Spectator product is designed to do that kind of real-time compliance auditing of any endpoint connected to a network at any moment.]

In addition to logging events and securing critical systems, many regulatory bodies require independent internal controls that are able to monitor activity so that any change or transaction affecting the status quo of a company’s IT systems is identified. Activity that results in a breach of compliance may be caused by a user’s action, such as the introduction of malware into the network, disabling a security client or even leaving a workstation unlocked when the user is away from their desk. Users are fallible, and the workstations they use can be back doors into the internal network, causing security breaches within corporate networks whether directly or indirectly. It is therefore essential to provide a vigilant system for controlling user activity and enforcing the internal controls upon them.

[SH: Spectator can also trigger fixes like those. It can edit the registry to get it back in compliance, or launch a process to re-enable a security measure, or update or quarantine the endpoint.]
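As an added illustration of the kind of endpoint check-and-remediate cycle described above (this is example code, not Promisec’s or Ari Tamman’s), the PowerShell script below audits one Windows workstation for two of the compliance items named in the article, a running security client and an enforced auto-lock, and fixes them only when asked. The service name, the lock timeout policy and the registry values used are assumptions.

```powershell
# Added example: audit one Windows endpoint for two of the compliance items
# mentioned above (security client running, workstation auto-lock enabled)
# and optionally remediate. Service name and policy values are assumptions.
param(
    [string]$SecurityService = 'WinDefend',  # assumed service name of the security client
    [int]$MaxLockTimeoutSec  = 600,          # assumed policy: lock within 10 minutes
    [switch]$Remediate                       # without this switch the script only reports
)

$findings = @()

# Check 1: the security client service must exist and be running.
# (Starting it requires an elevated session.)
$svc = Get-Service -Name $SecurityService -ErrorAction SilentlyContinue
if ($null -eq $svc) {
    $findings += "security service '$SecurityService' is not installed"
} elseif ($svc.Status -ne 'Running') {
    $findings += "security service '$SecurityService' is $($svc.Status)"
    if ($Remediate) {
        Set-Service   -Name $SecurityService -StartupType Automatic
        Start-Service -Name $SecurityService
    }
}

# Check 2: an unattended workstation must lock itself. The per-user screen
# saver values are REG_SZ strings, so parse defensively (missing => 0).
$deskKey = 'HKCU:\Control Panel\Desktop'
$desk = Get-ItemProperty -Path $deskKey -ErrorAction SilentlyContinue
$timeout = 0; $isSecure = 0
[void][int]::TryParse([string]$desk.ScreenSaveTimeOut,   [ref]$timeout)
[void][int]::TryParse([string]$desk.ScreenSaverIsSecure, [ref]$isSecure)
if ($timeout -le 0 -or $timeout -gt $MaxLockTimeoutSec -or $isSecure -ne 1) {
    $findings += "auto-lock non-compliant (timeout=$timeout s, secure=$isSecure)"
    if ($Remediate) {
        Set-ItemProperty -Path $deskKey -Name ScreenSaveActive    -Value '1'
        Set-ItemProperty -Path $deskKey -Name ScreenSaveTimeOut   -Value "$MaxLockTimeoutSec"
        Set-ItemProperty -Path $deskKey -Name ScreenSaverIsSecure -Value '1'
    }
}

# Emit one auditable record: host, time, result, and whether anything was fixed.
[pscustomobject]@{
    Host       = $env:COMPUTERNAME
    Checked    = (Get-Date).ToString('s')
    Compliant  = ($findings.Count -eq 0)
    Findings   = ($findings -join '; ')
    Remediated = ([bool]$Remediate -and $findings.Count -gt 0)
}
```

Run without `-Remediate` to get a report-only record suitable for an audit trail; the record is the evidence an auditor would ask for, independent of whether the fix was applied.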

Out of all the respondents to the 2006 CSI/FBI Computer Crime and Security Survey, 63% cited Policy and Regulatory Compliance as the most critical computer security issue after data protection. Identity theft and information leakage came third, with viruses and worms coming in fourth.

[ugh…not the CSI/FBI study again. 🙂 More lost points…]

Categories: InfoSec