The Family Educational Rights and Privacy Act (FERPA) of 1974 aims to preserve the privacy of student education records. According to the U.S. Department of Education, this federal law applies to all schools receiving funds under their applicable program. With ManageEngine EventLog Analyzer, you can ensure the security of students' educational records and meet FERPA's compliance requirements.
How does EventLog Analyzer fulfill FERPA requirements?
EventLog Analyzer, a log management and auditing solution, can help you comply with FERPA section 99.31 (a)(1)(ii). Take a look at the predefined reports provided by EventLog Analyzer to help your enterprise meet FERPA requirements:
FERPA sections
Section 99.31
(a)(1)(ii)
Description of requirement
Monitor and restrict access to sensitive information stored in the network
Some of EventLog Analyzer's reports
that can help fulfill FERPA's
requirements
USB Plugged In
USB Plugged Out
Removable Disk Modifications
File Created
File Modified
File Deleted
File Renamed
File Permission Changes
SQL Server Privilege Abuse
SQL Server Unauthorized Copies of Sensitive Data
SQL Server Account Locked Out
SQL Server Storage Media Exposure
SQL Server SQL Injection
SQL Server Denial of Service
SQL Server Database Created
SQL Server Database Dropped
SQL Server Database Altered
SQL Server Password Changes
SQL Server Password Changes Failed
MySQL Logon Success
MySQL Logon Failures
Apache Client Errors
Apache Server Errors
Apache HTTP Internal Server Error
Apache HTTP Forbidden
Apache HTTP Bad Request
Apache HTTP Unauthorized
Apache SQL Injection
Apache Cross Site Scripting
Apache Directory Traversal
Apache Malicious URL Request
and more
FERPA compliance management made easy
with EventLog Analyzer
To ensure that a student's confidential information is not leaked, it is important to monitor the data being transferred to and from an institution's network. EventLog Analyzer can help you monitor removable disk usage, database activities, web server activities, and more to detect any malicious activity.
Removable disk auditing
One way through which sensitive data can be stolen is USB disks. With EventLog Analyzer, you can track the usage of removable devices by collecting, monitoring, and analyzing server and workstation logs from a single console.
Based on the collected logs, EventLog Analyzer generates graphical reports that give you detailed information regarding the instances when a USB device is used in the network along with the operations performed using the removable disk.
Apart from generating reports, EventLog Analyzer will also notify you in real time when a removable disk is being used to transfer data.
Monitoring database activities
Monitor access to confidential student records stored in database servers using EventLog Analyzer. By collecting and analyzing database server logs, EventLog Analyzer generates reports that help you monitor database logons, queries executed on the database, changes made on the database, permission changes, SQL injection attacks, DOS attacks, and more. Get real-time alerts via email and SMS when any suspicious activity occurs in your database server.
Web server and FTP server auditing
Detect web server attacks and get notified in real time by auditing Microsoft IIS web server logs, FTP server logs, and Apache web server logs using EventLog Analyzer. Get detailed reports on error events such as client and server errors, password changes, HTTP bad requests, and security attacks such as SQL injection attacks, cross-site scripting attacks, DOS attacks, and more. You can also monitor files uploaded, downloaded, and deleted in the IIS and Unix FTP servers using FTP server reports.
Other features offered by EventLog Analyzer
IT compliance management
Comply with various regulatory mandates such as HIPAA, PCI DSS, FISMA, GLBA, ISO 27001, and more with audit-ready compliance reports.
Real-time alerting
Configure alert profiles and get real-time notifications via email or SMS when a threat is detected in the network. Automate response actions by associating alert profiles with incident response workflows.
Log analysis
Collect, parse, analyze, and archive logs from any device on your network. Monitor network activities with built-in graphical reports and get real-time alerts when any security threat is detected.
File integrity monitoring
Monitor logs for unauthorized changes made to critical files and folders with real-time alerts and comprehensive reports that specify crucial details about the modified files.
5 reasons to choose EventLog Analyzer as your
FERPA compliance solution
1
Comprehensive log management
NERC emphasizes the importance of monitoring firewall and activities. EventLog Analyzer provides out- of- the- box support for prominent firewall vendors like Barracuda, Sonicwall, pfSense, Palo Alto Networks, and Fortinet. Additionally, the solution supports over 750 other log sources for complete network log management.
Audit all the BES cyber assets in your network and obtain a detailed overview on what's happening in the network in the form of intuitive dashboards. The solution also comes with compliance-ready reports for prominent regulatory mandates, including NERC.
NERC mandates that organizations detect network anomalies and trace security threats. EventLog Analyzer's powerful correlation engine holds over 30 predefined correlation rules, and detects known malicious patterns by analyzing activities across the network.
Implement a reliable system to detect and prevent malicious activity in your network. The solution has an integrated incident response and management console that assigns tickets when critical security events are detected to speed up incident resolution.
Ensure that no malicious source enters your network with the advanced threat intelligence feed. Detect malicious IP addresses, URLs, and domain interactions with the built-in global IP threat intelligence database and STIX/TAXII feed processor.
The Family Educational Rights and Privacy Act (FERPA) of 1974 aims to protect the privacy of student education records. This federal law gives students' parents the right to access, inspect, and review their child's education records, the right to have them amended, and the right to have some control over their disclosure. These rights are transferred to the student when they reach 18 years of age or enter an institution beyond high school. Educational institutions store sensitive information belonging to a student such as their Social Security numbers, health records, bank details, and educational records. Failure to comply to FERPA can result in serious penalties.
Who is responsible for FERPA compliance?
This federal law applies to all educational institutions that store sensitive student information and are receiving funds for certain programs of the U.S. Department of Education.
EventLog Analyzer Trusted By
Customer Speaks
Credit Union of Denver has been using EventLog Analyzer for more than four years for our internal user activity monitoring. EventLog Analyzer provides great value as a network forensic tool and for regulatory due diligence. This product can rapidly be scaled to meet our dynamic business needs.
Benjamin Shumaker
Vice President of IT / ISO
Credit Union of Denver
The best thing, I like about the application, is the well structured GUI and the automated reports. This is a great help for network engineers to monitor all the devices in a single dashboard. The canned reports are a clever piece of work.
Joseph Graziano, MCSE CCA VCP
Senior Network Engineer
Citadel
EventLog Analyzer has been a good event log reporting and alerting solution for our information technology needs. It minimizes the amount of time we spent on filtering through event logs and provides almost near real-time notification of administratively defined alerts.
Joseph E. Veretto
Operations Review Specialist Office of Information System
Florida Department of Transportation
Windows Event logs and device Syslogs are a real time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application.
Free Edition
