FISMA Compliance Report
To protect confidential government data from security attacks and breaches, organizations must deploy high-level security mechanisms, as instructed by the Federal Information Security Management Act (FISMA). FISMA mandates that federal agencies and other organizations dealing with government information establish a formal security program and conduct annual audit reviews to ensure continuous network security.
To comply with FISMA, security administrators must continuously monitor and audit the activities happening across their network. The FISMA guidelines are so stringent that it's almost impossible to compile the required audit reports manually. Security admins need a comprehensive log management solution that centrally collects, monitors, and analyzes log data across the network and extracts meaningful information in the form of reports.
That's where EventLog Analyzer comes in to automate all your log management processes. It helps address the security controls, risk assessments, and continuous monitoring aspects of the security framework established by your organization.
This solution provides out of the box reports that help you meet the following FISMA controls:
Meeting the Audit and Accountability (AU) requirements of FISMA
This requirement demands continuous monitoring of access and activities performed on the files and folders (objects) that store confidential government data.
EventLog Analyzer, with its predefined reports and real-time alerts, facilitates continuous monitoring of confidential data. The predefined reports provide detailed information on object access, such as:
- Which user accessed or performed an operation on the object.
- The date and time of the event.
- The location from which the object was accessed or the operation was initiated
This solution also provides reports based on the type of operation performed on the object. Apart from the Object Access report, the solution also gives reports for other events, such as:
- Object created
- Object modified
- Object deleted
- Object accessed
- Object handle
EventLog Analyzer also generates real-time email or SMS alerts that help security administrators instantly identify any unauthorized access or operation being performed on the object. These notifications enable administrators to mitigate the data breach as early as possible.
Satisfying the requirements for Certification, Accreditation, and Security Assessments (CA)
FISMA mandates regular audits and continuous monitoring of the internal security framework established by the organization. The CA guideline of FISMA requires monitoring of the services and applications running across the network to prevent the installation of any unauthorized services or applications.
To meet this requirement, EventLog Analyzer provides a Windows Services report that gives detailed information on when the service was started and which host the service is running on. This solution also helps proactively mitigate security threats by generating real-time email or SMS alerts upon the initiation of any unauthorized Windows services.
Contingency Planning (CP) with EventLog Analyzer reports
EventLog Analyzer's predefined, Windows Backup and Restore reports help you, in a time of crisis, identify and restore all the confidential data . These reports also provide detailed information such as the time, date, and user who initiated the backup and restore operations..
Reports for Access Control (AC)
EventLog Analyzer helps you monitor access to terminal servers, Windows workstations, Linux and Unix servers, network devices, and more. This solution provides detailed out of the box reports on Unsuccessful User Logons, Successful User Logons and Logoffs, and more.
It also provides exhaustive information on Terminal service sessions, such as details on connection, disconnection, and reconnection, which gives you better visibility on the remote access details of your network, as well.
Identification and Authentication (IA) requirements of FISMA
EventLog Analyzer gives you on-the-fly reports on Individual User Actions that help you meet the IA requirements of FISMA.
The solution's Individual User Actions report shows you the complete picture for user actions. It also provides detailed information on the W's of auditing (i.e. who accessed the information, and when it was accessed).
Reports for Configuration Management (CM)
EventLog Analyzer helps document any information system changes that could possibly impact the security framework of the organization. This solution provides detailed reports to help monitor any system changes, such as Windows software updates and changes or upgrades to critical security applications (e.g. anti-malware and other business software). Thus, EventLog Analyzer enables the satisfaction of the CM FISMA requirements, along with the others specified.