Verisys for Security Compliance

Prominent Compliance Standards

  • PCI Data Security Standard (PCI DSS)
  • Federal Information Security Management Act (FISMA)
  • GSCx Code of Connection for GSI (CoCo)
  • Sarbanes-Oxley (SOX)
  • Health Insurance Portability and Accountability Act (HIPAA)

There is an ever increasing need to ensure the safety of your business data, whether it be in response to regulatory compliance, such as PCI DSS, SOX or HIPAA, or as part of a proactive company IT policy. If data security is overlooked, there is a very real threat of sensitive data being stolen, tampered with or unlawfully distributed. Failure to act in accordance with the ever growing IT compliance regulations could result in more serious penalty such as fines or business downtime.

Alert key personnel of unauthorised changes or non-compliant behaviour

Key to compliance and security is your systems achieving a known and trusted state - and being able to demonstrate that your systems maintain this state. Verisys File Integrity Monitoring system allows you to detect changes to system objects, generate reports on the integrity of your systems and notify key personnel of detected discrepancies.

The Verisys File Integrity Monitoring system provides a simple solution to many of your security compliance requirements, giving you confidence that the integrity of your data has not been compromised.

Core Compliance Requirements

Change Detection

  • Verisys detects alterations, additions and deletions of system files and registry entries, and alerts key personnel of unauthorised changes or non-compliant behaviour

Continuous Monitoring

  • Integrity checks can be scheduled to run as frequently as once every minute, and allow automated responsive actions to be taken when discrepancies are detected

Data Integrity Assurance

  • Properties and attributes of files and registry entries are examined to ascertain whether any modifications have occurred. Verisys also employs a FIPS-compliant cryptographic algorithm to perform a detailed analysis of system object contents in order to detect otherwise concealed discrepancies

Reporting, Alerting and Centralised Logging

  • Verisys can automatically send emails to alert key personnel of unauthorised changes, write to the windows event log, send events to a centralised syslog server, run arbitrary commands and generate detailed discrepancy reports in a variety of formats

Audit Trail

  • Verisys enables widespread monitoring and reporting of business systems, allowing the establishment of a comprehensive audit trail. Verisys will store discrepancy reports for as long as you wish to retain them, and discrepancy data can also be automatically sent to a centralised syslog server or the Windows Event Log. Current and historical discrepancies can be reviewed using the central Verisys Console

Identify Security Breaches

  • Verisys allows key personnel to be automatically notified of changes to critical files, enabling rapid response and return of systems to a known and trusted state. Some system objects may be more critical than others, so different automated actions can be taken relative to severity

Comprehensive Security Policy

  • File integrity monitoring performs a crucial role in any comprehensive security policy. Unmonitored systems may be at risk from unauthorised changes - resulting in operational downtime, security or confidentiality infringements or compliance violations. By implementing the Verisys File Integrity Monitoring system you can simplify and bolster IT security through improved change detection and integrity monitoring