Federal Information Security Management Act (FISMA)

The Federal Information Security Management Act (FISMA) is intended to improve computer and network security within the federal government and other affiliated organizations such as government contractors.

The FISMA rules are wide-reaching: they call for a formal security plan at all agencies and contractors that handle government data, continuous monitoring, and a periodic audit of computer systems. FISMA tasked the National Institute of Standards and Technology (NIST) with creating a standard framework that is required in all cases, with the exception of information systems regarded as National Security Systems in the DOD and the intelligence community (these are covered by either the DIACAP or DCID 6/3 frameworks). In addition, agencies that are required to comply with other regulations, such as HIPAA, must still comply with those regulations as well.

Depending on the sensitivity of the system to be audited, products like EventTracker are critical to meeting and demonstrating FISMA compliance. One of the central themes of FISMA is maintaining a secure audit trail of user activity, which EventTracker provides. EventTracker features for FISMA include:

Access Control

  • Logging and auditing the use of privileged access

DNS Servers, routers and switches

  • Logging and monitoring administrative access to these devices

Operating systems

  • Logging and monitoring user or program access to sensitive system resources, including files, programs, processes, or operating system parameters
  • Filtering logs for potential security events, and providing adequate reporting and alerting capabilities
  • Activating and using operating system security and logging capabilities, and supplementing them with additional security software where supported by the risk management process
  • Restricting and logging access to system utilities, particularly those with data-altering capabilities
  • Monitoring operating system access by user, terminal, date, and time of access

Applications

  • Logging access and security events
  • Using software that enables rapid analysis of user activities
  • Logging access and events

Remote Access

  • Logging and monitoring remote access
  • Logging and monitoring the date, time, user, user location, duration, and purpose for all remote access

Pre-defined FISMA Audit-ready Reports:

  • Audit Logs Access
  • Logon Failure
  • Security Log Archiving History
  • Track Account Management Changes
  • Track Application Access
  • Track Audit Policy Changes
  • Track Directory/File Access
  • User Logon
  • User Logoff
