I report to the CIO or Vice President of IT and have responsibility for managing IT regulatory compliance for my organization’s IT infrastructure. My role is to coordinate, plan, and execute information technology compliance audits and controls assessments at my organization. I am responsible for developing and providing controls, standards, process improvement recommendations, technical guidance and awareness compliance.
I am looking for a solution to secure the environment, establish the baseline, track user activity, alert on potential violations, and simplify the generation of audit-ready reports. I need a centralized, consolidated 360 degree view of activity data from across the entire IT infrastructure, the capability to store this event log information for a time frame I define, the ability to receive alerts when the IT infrastructure becomes non-compliant, and be able to quickly research events.
EventTracker is a SIEM and log management solution that helps you secure your organization’s environment. EventTracker is accessed via a secure, role-based web user interface that allows you to enforce perimeter security with an unlimited number of user-defined real-time alerts, consolidate event logs from multiple sources into a single secure warehouse, correlate events across the enterprise (including firewalls, routers, servers, workstations, USB storage devices and applications), and detect and alert on network connections on any port.
The easiest way to know if things have changed in your environment is to establish the baseline of your IT infrastructure. With EventTracker, you can gather and document user activity, view group memberships, share permission levels and security settings over a timeframe to know your environment’s baseline. Once this baseline is established you can monitor users, group memberships, file and object access, log-on/off activities, and maintain a trail of authorized/unauthorized changes.
And EventTracker simplifies the audit process by allowing you to demonstrate continuous regulatory compliance with pre-defined report templates that can be scheduled and sent by e-mail or RSS feed. EventTracker has standard reporting templates for FFIEC, FDCC, FISMA, GLBA, HIPAA, NISPOM, PCI-DSS, and SOX 404.