Reply is the place to meet an incredible variety of enthusiastic, passionate, ideas-driven people, who want to make a difference and an impact.Would you like to know more?
In the last few years, the main objective of Security Managers has been to protect the Company Assets from external threats. Sophisticated firewalling, prevention and intrusion detection techniques have been used to deploy an effective protection shield.
At the same time the problem related to internal attacks - Insider Threats - has been underestimated and the regulatory landscape has undergone major changes. New standards and regulations such as ISO 27001-2, Sarbanes-Oxley, and COSO and COBIT frameworks, have been established.
Blue Reply offers a new solution based on IBM Tivoli Compliance Insight Manager [TCIM] with the following objectives:
• Log Management; • Compliance with the Standards; • Prevention of Insider Threats; • Forensic Analysis.
Log Management allows centralizing server, appliance and business application logs within a single repository. Moreover it provides log correlation tools made available through the W7 methodology:
Compliance with the Standards allows going through the scrupulous checks of the Auditors.
Prevention of Insider Threats allows protecting the Company Assets from insider threats.
Forensic Analysis allows detecting the author of a criminal act against the company
The implementation takes places in two steps. The methodology actually includes a first process which identifies and reduces the marginal details by simplifying the real context in which the solution is to be implemented. In the specific ILW (Insight Little World) obtained through this procedure, the appropriate valuations are carried out and the main design operations for log management are performed. Subsequently the minimized landscape is extended again to a landscape of any size. The solution thereby created for the little world becomes easily adaptable to the actual environment.
The auditing and compliance solution of Blue Reply allows the IT manager to get a clear real-time situation of what is happening, when this happened, who did it and the effects of this action. These activities are carried out by TCIM (Tivoli Compliance Insight Manager) through the centralized collection, the homogenization of the logs and the production of reports compliant with the standards. These results build the foundations for an exhaustive analysis of User Groups’ activities, Conduct Policies and Special Actions. By means of these rules it is possible to identify what is illegal and thus represents a potentially dangerous action. All logs are duly encoded and described by a timestamp. These characteristics make them effective for legal purposes.