eEye Digital Security — Enabling Regulatory Compliance

A staggering number of industry and governmental regulations exist today, each with a security requirement. In most cases, requirements state the responsibility of management for establishing and maintaining an adequate internal control and audit structure, procedures for financial and regulatory reporting. Organizations must provide an assessment of the effectiveness of the internal control structure and procedures.

These assessments must show the ability to detect problems with data alteration and general security; analyze overall data security; protect and maintain data validity; and remediate data integrity issues within a repeatable process framework.

From a network security perspective, this means a company needs to secure their IT environment by protecting, analyzing and remediating their vulnerabilities in a repeatable, controlled manner.

eEye Digital Security's Retina® Network Security Scanner provides the scanning, auditing and reporting functionality necessary to satisfy the security requirements of these regulations, and are an integral component of an optimal regulatory compliance solution. Whether your desire is to self-administer or outsource the management of this security function, eEye will work with you to deliver a cost effective, turn-key solution, which can easily be managed, monitored and administered.

eEYE APPROACH

eEye Digital Security has developed a systematic approach to address the challenges with satisfying the network security components of regulatory compliance. This vulnerability management workflow enables you to align eEye's innovative approach to network security to the real business risks facing your organization including preventing unauthorized access to your data, applications or systems.

Discover
The critical first step in identifying, checking and tracking all of the servers, workstations and devices that are attached to your network. All systems and devices can contribute to security threats and ultimate downtime so must be identified and audited.

Audit
The linchpin of the entire vulnerability management process, which entails checking all operating systems, hardware configurations and application configurations. This phase must be fast, non-intrusive, customizable, centrally organized and remotely maintained.

Delegate
Upon completion of a given vulnerability assessment, remediation activities are prioritized and assigned to team members. Rules can be created to automatically delegate security events as tasks according to severity level, origin or vulnerability type.

Remediate
Now it is time to take action, and begin dialogues on how to best remediate the discovered vulnerabilities through a combination of technology, processes, policies and training. As vulnerabilities can impact the entire organization, this step will typically be a multi-departmental effort.

Report
Whether monitoring specific machine information, providing executive level views or communicating other important data, reporting is an important element that must be evaluated along with everything else.

Adapt
The final stage for this workflow comprises the ongoing review of data collected from each preceding stage, and modifying your work flows and security measures to continue increasing security, improving performance and reducing the likelihood of unauthorized security breach.

SOLUTION ARCHITECTURE

Consistent with eEye’s best practices approach to threat management and network security, the architecture of eEye’s regulatory compliance solution is multi-tiered, starting with a comprehensive assessment and audit of all security threats on all network assets. This is accomplished through a Retina® Network Security scan.

Blink® performs the necessary intrusion prevention protection through the deployment of an agent on each identified network asset. This way each network asset, including mobile workers and wireless devices, may be reported upon, audited and logged, providing the necessary real-time protection each time a network connection is performed.

These events are logged and easily managed through REM™ Event Manager, a central management console, capable of real-time integration through pre-built APIs to larger IT management interfaces including CA’s UniCenter, IBM’s Tivoli and HP’s OpenView. As a whole, this architecture provides the means to holistically view your security resources, and to adapt your security solution over time to provide the optimal level of protection.