Knowledge

Articles by tag "laws"

9/20/2015 White Papers

Log Management Compliance - SOX - Sarbanes-Oxley Act

SOX requires that all publicly traded companies establish and follow a framework of internal controls that support accountability and integrity of the financial reporting process. A vital part of SOX requirements includes the collection, management, and analysis of log data. 

9/20/2015 White Papers

Log Management Compliance - NERC CIP - The North American Electric Reliability Corporation

NERC has its own framework to protect bulk power systems against cybersecurity compromises that could result in operational failures or instability. The NERC CIP v5 further addresses cyber-related risks facing this sector by indorsing organizations to categorize BES, Bulk Electric Systems, into high, medium, and low impact. After being categorized, BES assets can have suitable CIP, Critical Infrastructure Protection, standard applied to address risk.

9/20/2015 White Papers

Log Management Compliance - PCI DSS - Payment Card Industry Data Security Standards

The PCI DSS was created to encourage and enhance cardholder data security and facilitate the extensive adoption of consistent data security measures worldwide. This applies to all organizations that store, process, and/or transmit cardholder data.

9/20/2015 White Papers

Log Management Compliance - GLBA - Gramm-Leach-Bliley Act

GLBA, also known as the Financial Modernization Act of 1999, was enacted to secure protection over customer records and information. To satisfy the riles and provisions of GLBA, financial institutions are obligated to perform security risk assessments, develop and implement security solutions that detect, prevent, and allow timely incident response effectively, and to perform auditing and monitoring of their security environment.

9/20/2015 White Papers

Log Management Compliance - DoDI 8500.2 - Department of Defense Instruction

Since IT environments can generate millions of logs daily, DoDI 8500.2 has recommendations of analyzing and reporting on log data can reduce manual or homegrown remedies that are inadequate and cost prohibitive. 

The collection, management, and analysis of log data is necessary to meet many DoDI 8500.2 guidelines. LogIT meets these recommendations directly and inexpensively. LogIT delivers log collection, archiving, and recovery across clients’ entire IT infrastructure.

9/20/2015 White Papers

Log Management Compliance - NIST-CSF - The National Institute of Standards and Technology Cyber Security Framework

NIST-CSF sets information security standards and guidelines for serious infrastructure as defined within the Executive Order 13636 from the President of the United States of America. NIST-CSF guides critical infrastructure agencies in documenting and applying controls of information technology systems that support their operations and assets. These published guidelines cover many areas involving access control, audit and accountability, incident response, and system and information integrity. All of these areas can be met with the help of log management. Each agency is responsible for implementing the minimum security necessities as outlined by NIST.

9/20/2015 White Papers

Log Management Compliance - NIST 800-53 - National Institute of Standard and Technology Special Publication

NIST 800-53 produces information security standards and guidelines for federal information systems. It guides federal agencies in documenting and implementing controls that cover access control, audit and accountability, incident response, and system and information integrity.

9/20/2015 White Papers

Log Management Compliance - NRC RG 5.71 - Nuclear Regulatory Commission

In the Code of Federal Regulations, Section 73.54, Title 10 it is required that the NRC licensees provide high assurance that digital computer and communication systems and networks are sufficiently protected against cyber-attacks. The NRC developed and published “Regulatory Guide 5.71” to cover many areas surrounding access control, audit and accountability, incident response, and system and information integrity.

9/20/2015 White Papers

Log Management Compliance - NEI 08-09 Rev 6 - Nuclear Energy Institute

The NEI developed and published the NEW 08-09 Rev 6 to address many areas surrounding access control, audit and accountability, incident response, and system and information integrity. This is an extension of CFR 73.54.