Policy Minder

Security Policy Management Software for IBM i, UNIX, Linux, AIX, and Windows

Simplified security administration and compliance reporting

Platforms

IBM i (System i, iSeries, AS/400), UNIX, Linux, AIX, and Windows

Security Misconfiguration is a Leading Cause of Data Breaches

Poor system configuration is commonly exploited by attackers to gain access to valuable data and 2017 was a banner year when it came to the number of high-profile data breaches. Several of these incidents were caused by little more than human error—a series of blunders reminding us that simple misconfiguration can have a disastrous impact.

Many systems are deployed with no regard for security, especially those in rapid-deployment cloud environments managed by DevOps teams. Other organizations may deploy systems with proper security controls but fail to continuously monitor their system security and misconfiguration results over time. 

It is next to impossible to manage and maintain proper security without the right tools in place. Policy Minder helps organizations maintain proper security configuration by automatically applying the proper security controls and ensuring those controls are maintained.

Protect Your Data with Automated Security Policy Management

Security policy management is easier with a user-friendly interface

Automated Security Compliance

Policy Minder saves security administrators countless hours of manual data analysis and reporting. With the ability to automatically compare security policies to actual server settings, you’ll guarantee that system reports are 100 percent accurate—and dramatically increase your productivity. Centralized compliance reporting also meets audit requirements for third-party generated reports versus reports that are compiled by hand.

Centralized Security Administration for On-Prem, Cloud, and Hybrid Environments

Policy Minder centralizes security administration regardless of whether your infrastructure is on-premises or in public, private, or hybrid cloud scenarios. Our agentless technology allows you to quickly enforce security policy adherence across your environment. Policy Minder allows you to apply security settings on system groups or individual security settings on systems across your environment. Policy Minder also automatically discovers cloud systems as they are deployed in the environment and enforces a proper security configuration to them, effectively adding SecOps to your DevOps process.

Streamlined Compliance Reporting

Automatically create compliance reports from the central Policy Minder console on the schedule that you choose. System by system, consolidated groups, or all of your servers on one report—it’s your choice. Provide the detail your auditors and management require about system state, issues fixed, and compliance status without the burden of requiring a server expert to individually audit each of your systems.

"Policy Minder reminds me of any policy exceptions every day, so nothing slips through the cracks. We're doing more with less, and we don’t want to go looking for the problems, we want them to come to us. Policy Minder accomplishes that for us."

Steve Mulder
Lead Systems Support Specialist
Amway

Automated Security Administration

When settings must be changed manually or by using scripting across multiple servers, the logistics of complying with your security policy become impractical and not auditable. From changing server settings to running compliance checks, you can take tedious and time-consuming security administration tasks off your plate and let software handle them automatically.

Here are just a few ways Policy Minder can automate your security administration tasks:

  • Apply your organization’s security configuration as new on-premises or cloud servers come online
  • Manage the permissions and ownership of files and directories
  • Run compliance checks to identify new files or changes to settings or files
  • Return global security settings to match compliance requirements
  • Identify inactive local user accounts
  • Ensure local user accounts remain configured correctly
  • Confirm that authorized changes are auditable by compliance teams

Multi-Platform Security Policy Management

Ensure policy adherence on multiple platforms

Policy Minder automates security administration and compliance reporting for organizations running:

Linux

AIX

HP-UX

Solaris

IBM i

Windows

Compliance Reporting

Reduce the burden on your administrators to provide compliance and audit reports across all of your systems. From a central console, Policy Minder allows you to monitor changes and run reports without the hassle of consolidating data across multiple servers or involving your operations staff.

Automating your compliance reporting with Policy Minder gives you the ability to:

  • Monitor for changes to ownership, permissions, and attributes for a specific set of files or directories 
  • Document policies with detail, including notes proving corporate policy adherence, justifying deviations from best practices, or detailing out-of-compliance items
  • Run reports that display both new, changed values and previous values
  • Consolidate reports from multiple servers into one report for auditors, eliminating manual processes
  • Run reports on time, regardless of how busy administrators are
  • Easily distribute reports via email in PDF or CSV format to yourself or compliance officers

Secure Your Cloud Deployments

Policy Minder seamlessly integrates with public, private, and hybrid cloud deployments. Policy Minder discovers the systems in your cloud infrastructure as they are created and then applies security settings to protect your cloud systems properly. Over time, Policy Minder continues to monitor and audit your configurations, making sure that your cloud systems are effectively secured from malicious attackers and inadvertent data breaches.

  • Are blacklisted services disabled?
  • Have critical system files been altered?
  • Are remote access settings properly secured?
  • Are unknown entities attempting to access your systems?

Easy Remedy of Policy Discrepancies

It’s one thing to identify a full list of security policy exceptions across your servers, and another to actually resolve all of them. No security administrator has time for such an onerous, manual task. Policy Minder has the power to both find and fix discrepancies across your servers—resulting in a more secure system in less time.

After Policy Minder identifies cases in which your actual settings do not match your defined policy, the software uses the FixIt feature to automatically remedy policy exceptions. You can schedule FixIt to run at selected times or on the fly, and the software will log changes made in a report which you can easily save and distribute. With Policy Minder, complying with your security policy is quick and easy, allowing you to avoid security threats that might have otherwise lurked on your system unnoticed for months.

Integrate Security & DevOps

Policy Minder will give you the visibility and security that your management teams require. As your DevOps team deploys systems to your premises or cloud, Policy Minder will automatically apply security controls and audits, instantly reporting on what it finds. No matter what regulatory framework you are working with, Policy Minder’s automatic application of security controls will alert you to vulnerabilities and misconfigurations.

Controls can be applied differently to different groups of systems based upon your preferences. For example, use one set of configurations for development systems and a more stringent configuration set on your production deployments. If desired, Policy Minder can even automatically change non-compliant findings to the desired configuration settings.

Define a Security Policy Automatically

Many IT security regulations require organizations to establish written statements of how they’ll protect IT assets, including customers’ personally identifiable information (PII). Large corporations might start with broad policies that guide the detailed information included in sub-policies that focus on specific types of data or regions of the world. For smaller companies, a single security policy might be sufficient.

Regardless of an organization’s size or complexity, servers have hundreds of configuration settings that affect security posture. Creating a security policy by manually documenting each setting is a time-consuming process that includes the very real risk of human error. Policy Minder takes the entire project off your to-do list by automating the creation of your security policy. Start by automatically documenting your system’s existing settings to establish a baseline. Updating the policy to reflect changes is quick and easy, and you can check for out-of-compliance settings as often as you want—even every day.

Available Services for Policy Minder

Get Started

Policy Minder saves administrators time by automatically documenting your security policy and checking server configurations for compliance. See how Policy Minder could simplify your organization’s security policy management in a software demo.

Want to secure your servers?

In just 10 minutes, find out where your security currently stands with a free HelpSystems Security Scan. We’ll evaluate your system’s vulnerabilities and suggest steps you can take to protect your critical data. It’s quick and easy, with no obligation to you.