Federal Financial Institutions Examination Council (FFIEC) requires financial institutions and their service providers to maintain effective security compliance management programs which provide availability of systems, confidentiality of data or systems, accountability and assurance. Federal Financial Institutions Examination Council (FFIEC) standards call for financial institutions to collect, retain and review logs and audit trails in such security and control areas as user access rights administration, firewall policy, and remote access.
Prism Microsystems solutions fulfill the following FFIEC requirements
- Logging and auditing the use of privileged access
- Recording all significant events performed by the Certificate Authority (CA) in a secure audit log
- Recording all significant events performed by the Certificate Authority (CA) in a secure audit log
- Reviewing exception reports and system activity by the CA's employees on a routine basis to detect malfunctions and unauthorized activities
- Logging and monitoring administrative access to these devices
- Logging and monitoring user or program access to sensitive system resources, including files, programs, processes, or operating system parameters
- Filtering logs for potential security events, and providing adequate reporting and alerting capabilities
- Activating and using operating system security and logging capabilities, and supplementing them with additional security software where supported by risk management process
- Restricting and logging access to system utilities, particularly those with data altering capabilities
- Monitoring operating system access by user; terminal, date, and time of access
- Logging access and security events
- Using software that enables rapid analysis of user activities
- Logging access and events
- Logging and monitoring remote access
- Logging and monitoring the date, time, user, user location, duration, and purpose for all remote access
