|Partner TechTip: Slash Your Compliance Workload!|
|Tips & Techniques - Security|
|Written by Robin Tatam|
|Friday, 22 January 2010 01:00|
There's a better way to maintain and prove security compliance.
If you've ever been one of the unfortunate souls charged with monitoring a computer system for compliance or been asked to generate reports for inquisitive auditors, you know what a huge drain such projects can be on time and resources.
Perhaps you struggle with interpreting what auditors really want to know—for example, determining what they consider a "powerful user." Then, you run a slew of cryptic IBM commands to generate the information into a mixture of spooled files and database files. And finally, you try to get all of the disparate information downloaded to your PC and imported into Excel to parse out and analyze the information.
Then there's the constant stream of user and system events that you should be keeping an eye on. Although IBM i facilitates collecting the event information, performing any type of forensic analysis is not for the fainthearted. A few commands exist in the operating system, but they typically require the data to be placed into an output file and then parsed and analyzed with a query or application program. If you have multiple systems or partitions, be prepared to run all of these processes on each of them one by one.
Finding a Better Way
If you're cringing while reading this or are resigned to the fact that compliance is just too hard to accomplish, PowerTech's Compliance Monitor solution will be a shining beacon of light. Compliance Monitor contains the functionality that you need to report on static metrics (user profiles, system values, etc.) and dynamic events from the security audit journal. The product includes advanced features, such as user profile and system value scorecards (Figure 1) that rate your system against the included (but customizable) security policy.
Figure 1: The system value scorecard rates your system against your security policy. (Click images to enlarge.)
Upon launch, the intuitive and powerful GUI (Figure 2) provides easy access to audit data, export functions, and a comprehensive compliance guide. Predefined report categories provide suggestions for what reports are needed for common regulatory requirements, such as PCI and SOX. In addition, you have the ability to customize any of the hundreds of available reports using powerful filtering features and store them in user-defined report categories. Manipulate a report to reflect your personal style, and then easily save the "custom" definition for the next time you want to run it.
Figure 2: The GUI provides easy access to audit data, export functions, and a comprehensive compliance guide.
One of the most impressive features of Compliance Monitor comes from its advanced three-tier architecture. This infrastructure enables reporting across numerous servers or partitions with a single request, including side-by-side reports to compare systems against each other. Create "virtual" system groups to allow reporting against select partitions in a business unit or perhaps geographic locations. Multiple systems often mean a struggle to keep large volumes of audit journal data online. Imagine the ability to harvest and store that data in a central repository with upward of 90 percent compression!
If you run other PowerTech solutions, such as Network Security to audit and control network transactions or Authority Broker to control powerful users, then the entries placed into the audit journal by these products can also be reported on by Compliance Monitor. This means that the security officer has a single dashboard with powerful insight into the inner sanctum of IBM i security events and security configuration, as well the network access and powerful user activities monitored by PowerTech.
Perhaps you'll even take the leap to empower auditors to use the software to run their own reports. Before you fall off of your chair at the very thought, understand that Compliance Monitor comes with unlimited desktop licenses and has a "no-change" methodology to prevent configuration changes on the host IBM i server.
Now, how does that popular commercial go? Oh yes, "It's so easy, even an auditor can do..." Oops, I guess as a frequent auditor of IBM i systems myself, I probably shouldn't finish that!
For more information on how Compliance Monitor can slash the compliance workload in your organization, visit www.powertech.com.
|Last Updated on Friday, 15 January 2010 15:05|