Security & Integrity Monitoring
Security and Integrity Monitoring
Monitor your system for unauthorized changes, so security threats can be detected and removed before mission-critical data is damaged or exposed.
Receive instant notifications of unapproved activity.
Detect unauthorized changes to files, so threats can be removed.
Meet the requirements of common regulatory standards.
Get the Visibility You Need
The increase in data breaches over the past 10 years, and the creative methods attackers use to access sensitive data, confirm that the best defense is multi-layered data protection.
Putting barricades in place to prevent attackers from accessing your system is essential, but you also have to verify their effectiveness. File integrity monitoring (FIM) is an internal control or procedure that validates the integrity of files, typically by comparing the current state to the known baseline or by monitoring file changes and notifying interested parties in real time.
Your Safety Net: Identifying and Tracking Abnormal Activity
What’s the point of security integrity monitoring if you already have security controls in place? It’s your back-up protection.
Monitoring changes on your system enables you to respond promptly to suspicious activity, so that you can minimize—or prevent—the damage. Security integrity monitoring initiatives typically involve providing visibility into:
- Which user initiated a change
- What application or function made the change
- When the change was made
- What the value was before and after the change
- Whether the change was authorized
If a breach occurs, the information provided by integrity monitoring allows you to assess the scope of the breach. Proving that only a small subset of a database was exposed can result in a smaller, less costly breach response. Proving that personally identifiable information (PII) was not exposed could save you time and resources—and minimize negative publicity.
PCI DSS and HIPAA Require File Monitoring
Security integrity monitoring is often necessary to stay compliant with government regulations and industry standards.
For example, the Payment Card Industry Data Security Standards (PCI DSS) requires file integrity monitoring or change-detection software to ensure your audit trail cannot be altered without creating an alert. The Health Insurance Portability and Accountability Act (HIPAA) requires mechanisms that verify protected health information has not been changed or destroyed in an unauthorized manner.