Meeting Compliance Requirements
Compliance requirements for IT is a complex issue presenting a great deal of challenges to business of any size. Compliance rules often require you to monitor hundreds and even thousands of deployed applications. It is important that solution for meeting compliance requirements is efficient, cost-effective, and non-intrusive.
One of the most widely spread IT security compliance requirements states that every action that could impact sensitive data must be tracked. A possible solution is to record all database queries from the main user application. However if there are 3rd-party utilities accessing data independently, this approach becomes useless.
PCI, HIPAA, SOX, NERC, and other standards compliance with a single tool
Ekran System provides you with video log data of all sessions from all end-points of your enterprise network, allowing you to capture all on-screen activities regardless of the type of program or service used. Ekran System records all application work, visited URLs, typed keystrokes, and even identifies plugged in USB devices.
Ekran System meets standards in the following ways:
- Identifying, monitoring, and authenticating administrator and 3rd party access
- Access via the authentication system with assigning unique ID to each person with computer access
- Monitoring and controlling all privileged user access
- Monitoring and logging all users access
- Monitoring and tracking all access to the sensitive data
- Providing access policy and report tool to get the evidence to forensics and investigators if needed
- Enabling authentication on servers and monitoring remote access sessions
- Logging backdoor sessions
- Logging all user activity and activity on servers and monitoring USB ports
- Providing incident response via session replay, event logs, user blocking, and USB device blocking
- Providing the possibility to view monitored data in an offline mode via export to a protected file (without installation of additional software)
Efficient Compliance Solution
With Ekran System, your organization can meet the HIPAA, NERC, FFIEC, FISMA, FERPA, PCI, and SOX requirements all at once, eliminating the need to have several dedicated IT compliance requirements solutions. Ekran System provides complete coverage of all user activity on servers and desktops, whether it is an application, a webpage opened in an Internet browser, or any visible area of the screen, providing compliance auditors with undeniable evidence. Ekran System allows you to quickly create audit reports, in which you can perform easy searches by keywords.
- Monitoring every application from start to end. Ekran System allows you to spare the time of compliance officers, who spend dozens of hours collecting information on each and every application used in corporate network hoping to make sure that it has a component responsible for compliance audit logging. Regardless of the type of a software application, all activity performed in it is recorded in an integrated video format. Thus, Ekran System eliminates the need to monitor each application separately.
- Ensuring credibility. Ekran System provides reliable security infrastructure and complete playback of user sessions, which proves the credibility of the source of user activity. You can store data in secure MS SQL databases in order to comply with database security protocols.
- Revealing true identity of “administrator”. You cannot provide an external auditor with convincing evidence if data was access via a shared “administrator” account. To meet IT compliance requirements, the identity of the person accessing data must be provided. Ekran System provides you with advanced authentication tool, allowing you to find out exact identity of the user.
Highly flexible subscription model makes Ekran Systems one of the best solutions to ensure compliance with the requirements, allowing cost-effective deployment on any number of end-points.