how to ensure continuous compliance? - netwrix · 2019-12-05 · proving compliance along with data...


Page 1: How to Ensure Continuous Compliance? - Netwrix · 2019-12-05 · Proving compliance along with data consolidation and archiving capabilities with two- tiered audit data storage for

#completevisibility

Speaker: Roy Lopez

Sales Engineer, Netwrix Corporation

[email protected]

+44 (0) 203 588 3023 ext 2833

How to Ensure Continuous Compliance?

Episode III: FISMA Compliance

Page 2

Housekeeping

All microphones will be muted for the duration of the webinar

To submit text questions use the Question Pane

All questions, comments or opinions are greatly appreciated

The Question Pane

Page 3

Agenda

Compliance Overview

FISMA Compliance

FISMA Compliance and Netwrix Auditor

Netwrix Auditor Demo

Real Case: Netwrix Auditor helping with FISMA Compliance

About Netwrix Corporation

Q & A

Prize Drawing

Page 4

Compliance Overview

Best Practices, Standards and Regulations

ISO 27001, COBIT, NIST

PCI, HIPAA, SOX, FISMA, FFIEC/GLBA

Commonalities

Availability, Integrity, Accountability

Policies, Implementation, Validation, Reporting

Perform reviews of your policies

Periodic reviews should be planned

Establish processes for changing existing or adding new policies

Why is it important?

79,790 security incidents occurred in 2014; 50,315 (63%) of them happened in the public sector.

Page 5

Number of reported incidents by Federal Agencies (chart data, by fiscal year):

2006: 5,503

2007: 11,911

2008: 16,843

2009: 29,999

2010: 41,776

2011: 42,854

2012: 48,562

2013: 61,214

2014: 67,168

Source: GAO analysis of United States Computer Emergency Readiness Team data for fiscal years 2006-2014

Page 6

FISMA Compliance

FISMA was signed into law as a part of the Electronic Government Act of 2002.

Steps to comply with FISMA:

– determine the security category of the information system in accordance with FIPS Publication 199

– derive the information system impact level from the security category in accordance with FIPS 200

– apply the appropriately tailored set of baseline security controls in NIST Special Publication 800-53

Who must comply?

FISMA regulation applies to any Federal agency, its subcontractors, service providers and any organizations that operate IT systems on behalf of Federal agencies.

Page 7

Initial effort for establishing a continuous compliance regime can be cumbersome:

– Extensive planning and development of internal policies,

– Assignment of roles and responsibilities,

– Implementation of controls and mechanisms for feedback and improvement.

Once continuous compliance is established, it brings many benefits, including:

– Increased efficiency of operations

– No high-risk periods

– Continuous improvement

– Lower total cost (over the years)

Netwrix Auditor, integrated into an organization's IT infrastructure, is a tool that provides visibility into its systems. It enables validation of policies and provides mechanisms for establishing some of the compliance controls.

Continuous Compliance is the Way

Page 8

How does Netwrix assist with FISMA compliance?

Netwrix Auditor is an easily configurable and affordable unified platform. With lightweight, non-intrusive data collecting agents, it greatly reduces administrative burden and helps to maintain compliance with FISMA.

Delivers Complete Visibility: Analyze and control any IT-related activities with more than 150 predefined reports and more.

Enables Evaluation: According to defined policies, metrics and baselines.

Provides Audit Reports: Proving compliance along with data consolidation and archiving capabilities, with two-tiered audit data storage for up to 10 years or more.

Streamlines compliance by auditing access to sensitive data as well as changes to access rights for system components.

Page 9

How does Netwrix assist with FISMA compliance?

Netwrix Auditor facilitates auditing of the following control processes:

– Access Control

– Account Management

– Privileged Users Management

– Credentials Management

– Integrity Monitoring

– Configuration Management

– Data Governance

– Audit Trail

Overview of Netwrix Auditor coverage of NIST 800-53 rev.4:

Family: Access Control

Family: Audit and Accountability

Family: Security Assessment and Authorization

Family: Configuration Management

Family: Contingency Planning

Family: Identification and Authentication

Family: Incident Response

Family: Maintenance

Family: Media Protection

Family: Personnel Security

Family: Risk Assessment

Family: System and Services Acquisition

Family: System and Communications Protection

Family: System and Information Integrity

Page 10

FISMA Compliance and Netwrix Auditor

The slide is a table with four columns: NIST 800-53 rev4 control, How Netwrix helps, Processes and Report Categories, and Netwrix Report. Its rows, laid out as records:

Family: Audit and Accountability

NIST 800-53 rev4 control: AU-1 AUDIT AND ACCOUNTABILITY POLICY AND PROCEDURES

How Netwrix helps: Netwrix Auditor is designed to assist with implementation of organization-defined audit and support accountability procedures.

Processes and Report Categories: AUDIT TRAIL

Netwrix Report: Netwrix Auditor for Active Directory – All Active Directory Changes by Groups; Netwrix Auditor for Group Policy – All Group Policy Changes with Review Status; and more

Family: Personnel Security

NIST 800-53 rev4 control: PS-4 PERSONNEL TERMINATION

How Netwrix helps: Through reviewing the audit trail, validate revocation of authenticators/credentials associated with the individual.

Processes and Report Categories: ACCOUNT MANAGEMENT – Account States, Account Changes

Netwrix Report: Netwrix Auditor for Active Directory – User Accounts, User Accounts – Expired, User Accounts – Locked; Netwrix Auditor for Group Policy – Account Policy Changes, User Configuration Changes; Netwrix Auditor Event Log – User Account Locks and Unlocks; and more

Page 11

Demonstration: Continuous Compliance With Netwrix Auditor

Page 12

Real Case Study

Customer: City of Artesia

Industry: Government

Challenge: How to Prove Police Evidence Data Integrity

Solution: Netwrix Auditor

Barry Goldstrom, IT Supervisor, The City of Artesia, NM:

“We needed a way to audit police-evidence-related data and files. Netwrix Auditor for File Servers gives us the ability to provide an audit trail of any file activity and ensures sensitive data is protected.”

Page 13

Control Processes

– Audit Trail

– Access Control

– Data Governance

Real Case Study

Netwrix Auditor for File Servers:

– All File Server Activity

– File Server Changes

– Files and Folders Created

– Folder Summary Report

– Object Permissions by Object

Netwrix Auditor for File Servers:

– Object Permissions by Object

– Object Permissions by User

– File Server Changes by User

– All File Server Activity by User

– Successful File and Folder Reads Summary

Netwrix Auditor for File Servers:

– Files and Folders by Owner

– Folder Summary Report

– Successful File and Folder Reads Summary

– Successful File Reads

– Files and Folders Created

– Folder Changes and more

Page 14

Real Case Study

Proven Results:

– Reporting capabilities

– Ease of use

– Ability to catch any potential security incident

“We have chosen the software we can rely on, and consider it as a strong internal control system that delivers complete visibility and continuous compliance across our entire IT infrastructure.”

Barry Goldstrom, IT Supervisor, The City of Artesia, NM

Page 15

Netwrix Auditor: Unified Platform for Change and Configuration Auditing

Auditing solutions for:

Active Directory

Exchange

File Servers

SharePoint

SQL Server

VMware

Windows Server

Major features:

Audit Assurance™: Captures all IT changes with ‘Who’, ‘What’, ‘When’ and ‘Where’ details with ‘before’ and ‘after’ values

Configuration Assessment: State-in-time™ reports showing configuration settings at present or at any moment in the past

Audit Intelligence™: More than 150 predefined, easy-to-read reports and dashboards with actionable intelligence, with filtering, grouping, sorting, exporting, email subscriptions and the ability to create custom reports

Audit Archive™: Scalable two-tiered storage (file-based + SQL database) holding consolidated audit data for up to and beyond 10 years

Unified Platform: Audits the entire IT infrastructure (including systems with limited native logging capabilities, Syslog support, activities video recording), as opposed to multiple hard-to-integrate standalone tools from other vendors

Page 16

Next Sessions

Episode I: HIPAA Compliance (recorded)

netwrix.com/how_to_ensure_continuous_compliance_episode_1_hipaa.html

Episode II: PCI Compliance (recorded)

netwrix.com/how_to_ensure_continuous_compliance_episode_2_pci.html

Upcoming webinars:

netwrix.com/webinars

Recorded webinars:

netwrix.com/webinars#featured

Page 17

Briefly About Netwrix

All awards: www.netwrix.com/awards

Page 18

Netwrix Corporation

Corporate Headquarters: 300 Spectrum Center Drive #820, Irvine, CA 92618; 888-638-9749; www.netwrix.com

Additional Offices: Columbus, OH; Paramus, NJ; Atlanta, GA; Kent, UK

Founded in 2006

Headquartered in Irvine, California

Philosophy – deliver complete visibility of IT infrastructure.

Used to enable IT auditing by over 160,000 IT departments worldwide.

Over 6000 licensed deployments with more than 6M user licenses installed.

Global support: North America, EMEA and Asia.

Among the fastest growing software companies in the US.

Page 19

Our Customers

Financial

Healthcare & Pharmaceutical

Federal, State, Local, Government

Industrial/Technology/Other

Page 20

Next Steps

Free Guide: FISMA Compliance with Netwrix Auditor

netwrix.com/compliance.html#fisma

Free Trial: setup in your own test environment

netwrix.com/freetrial

Test Drive: virtual POC, try in a Netwrix-hosted test lab

netwrix.com/testdrive

Live One-to-One Demo: product tour with Netwrix expert

netwrix.com/livedemo

Contact Sales to obtain more information

netwrix.com/contactsales

Page 21

Thank You for Your Attention!

Questions?

Roy Lopez

Sales Engineer, Netwrix Corporation

[email protected]

+44 (0) 203 588 3023 ext 2833

Page 22

Prize Drawing

Haven’t won this time? Sign up for upcoming sessions: https://www.netwrix.com/webinars.html

Get Your GoPro Hero!