How to Survive an IT Audit… and Thrive Off It!
Presenter:
Adam Stetson, Presales, [email protected] x2907
Agenda
Compliance Overview
Continuous Compliance
Control Processes
Product Demonstration
Briefly about Netwrix
Questions and Answers
Prize Drawing
Compliance Overview
Best Practices, Standards and Regulations
ISO 27001, COBIT, NIST
PCI, HIPAA, SOX, FISMA, FFIEC/GLBA
Commonalities
Availability, Integrity, Accountability
Policies, Implementation, Validation, Reporting
Perform reviews of your policies
Periodic reviews should be planned and executed
Processes for policies and procedures improvement should be established
Audit Failures Real-Life Examples
Compliance Investigations
2010 – NY and Presbyterian Hospital and Columbia University. $4.8 million
2009 – WellPoint Inc. $1.7 million
Compromised Security 2014 – Home Depot 56 million customer cards compromised (largest retail breach on record)
– Dairy Queen 395 locations
– Jimmy John’s 216 locations
– JPMorgan Chase 76 million households, 8 million small businesses exposed
2013 – Target. $3.6 – 12 billion (estimated)
2011 – Maricopa County $17 million
Business Continuity Disruptions
A Global Oil Company
Someone mistakenly deleted 2000 user accounts because of a mistake in a script. On Monday morning, people couldn’t log on.
Large Recycling Company
A Group Policy change caused the file server firewalls to switch on, leading to a major disruption: around 60% of the users were unable to access particular applications/resources.
Ways to Approach Compliance
One-Time Effort
Compliance as an Event
Regime Establishment
Compliance as a Continuous Process
Continuous Compliance is the Way
Initial effort for establishing a continuous compliance regime can be cumbersome:
Extensive planning and development of internal policies,
Assignment of roles and responsibilities,
Implementation of controls and mechanisms for feedback and improvement.
Once continuous compliance is established, it brings many benefits, including:
Increased efficiency of operations,
No high risk periods,
Continuous improvement,
Lower total cost (over the years).
Security & Compliance
Change management: Process for controlling the lifecycle of all changes, ensuring that no unauthorized changes appear in information systems
Access control: Process for establishing selective restrictions of access to information systems and data
Account management: Issuing, removing, maintaining, and configuring information systems’ accounts and related privileges
Credentials management: Management of credential information such as user names and passwords
Privileged users management: Management of privileged accounts, including their provisioning and life cycle management, authentication, authorization, credentials management, auditing, and access control
Control Processes
Integrity monitoring: Process for validating the integrity of data and configurations by comparing the current state against a known-good baseline
Configuration management: Interrelated processes and management techniques for evaluating, coordinating, and controlling changes to, and the configuration states of, the information systems
Data governance: Management of the availability, usability, integrity, and security of the data employed in an organization
Audit trail: Collection, consolidation, retention, and processing of the audit data
Control Processes (continued)
About Netwrix Auditor
Netwrix Auditor
enables #completevisibility into both security configuration
and data access within the IT infrastructure
by providing actionable audit data
about who changed what, when and whereand who has access to what
Netwrix Auditor Conceptual Model
Compliance and Netwrix Auditor
Regulation | How Netwrix helps | Processes and Report Categories | Netwrix Report
HIPAA
§ 164.308 (a)(6)(ii) Response and reporting.
Netwrix Auditor provides complete audit trail of activities
leading to the incident and helps with root cause analysis
afterwards.
AUDIT TRAIL
Netwrix Auditor for Active Directory: All Active Directory Changes
Netwrix Auditor for Exchange Server: All Exchange Server Changes
and more
PCI
10.1 Implement audit trails to link all access to system components to each individual user.
Utilize Netwrix Auditor’s fully featured auditing and reporting of all user activities including access to sensitive files, across the entire IT infrastructure and recording of
who changed what, when, and where.
ACCESS CONTROL: Systems Access, Data Access, User Activity
AUDIT TRAIL: User Activity
Netwrix Auditor for Active Directory: User Accounts Last Logon Time
Netwrix Auditor for File Servers: File Server Changes by User
and more
SOX
DS5.4: User Account Management
Audit all changes to user accounts, elevation of privileges, regular and
privileged users’ activities.
ACCOUNT MANAGEMENT: Accounts States, Account Changes, Policies Changes, Policies States
Netwrix Auditor for Group Policy: Account Policy Changes, User Configuration Changes
and more
Demonstration
Netwrix Auditor
Netwrix Auditor
Netwrix Auditor Applications
Netwrix Auditor for Active Directory
Netwrix Auditor for SharePoint
Netwrix Auditor for SQL Server
Netwrix Auditor for VMware
Netwrix Auditor for Windows Server
Netwrix Auditor for File Servers
Netwrix Auditor for Exchange
Netwrix Auditor Applications Scope
Active Directory changes; Group Policy changes; State-in-Time information on configurations; real-time alerts; AD change rollback; inactive user tracking and password expiration alerting.
Changes to Windows-based file servers, EMC Storage and NetApp Filers; State-in-Time information on configurations.
SharePoint farm configuration changes, security and content changes.
Exchange changes and non-owner mailbox access auditing.
SQL configuration and database content changes.
Changes to configuration of Windows-based servers; Event Logs, Syslog, Cisco, IIS, DNS; User activity video recording.
VMware vSphere changes.
Netwrix Auditor for Active Directory
Netwrix Auditor for Exchange
Netwrix Auditor for File Servers
Netwrix Auditor for SharePoint
Netwrix Auditor for SQL Server
Netwrix Auditor for VMware
Netwrix Auditor for Windows Server
Related Resources:
Free Guide: PCI, SOX, HIPAA, FISMA, GLBA, ISO/IEC 27001 with Netwrix Auditor
netwrix.com/compliance
Whitepaper: General Principles of IT Compliance and Continuous Compliance with Netwrix
start.netwrix.com/white_paper_compliance_demystified.html
Upcoming & Recorded Webinars:
netwrix.com/webinars
netwrix.com/webinars#featured
About Netwrix Corporation
Year of foundation: 2006
Headquarters location: Irvine, California
Global customer base: 6000
Recognition: Among the fastest growing software companies in the US with more than 70 industry awards from Redmond Magazine, SC Magazine, Windows IT Pro and others
Customer support: global 24/5 support with 97% customer satisfaction
Netwrix Customers
GA
Financial
Healthcare & Pharmaceutical
Federal, State, Local, Government
Industrial/Technology/Other
Award winning products
All awards: www.netwrix.com/awards
Free Trial: setup in your own test environment
netwrix.com/freetrial
Test Drive: virtual POC, try in a Netwrix-hosted test lab
netwrix.com/testdrive
Live One-to-One Demo: product tour with Netwrix expert
netwrix.com/livedemo
Contact Sales to obtain more information
netwrix.com/contactsales
Next Steps
Thank You!
Prize Drawing
Haven’t won this time? Sign up for upcoming sessions: https://www.netwrix.com/webinars.html
Get Your Fitbit Activity Wristband!