VANGUARD Policy Manager TM

Similar documents
VANGUARD POLICY MANAGERTM

POLICY MANAGER VANGUARD POLICY MANAGER (AUDIT/COMPLIANCE)

Analyzer runs thousands of integrity checks for both RACF and z/os Security Server.

PROFESSIONAL SERVICES (Solution Brief)

DATA SHEET VANGUARD CONFIGURATION MANAGER TM KEY FEATURES: VANGUARD TAKES THE TARGET OFF YOUR

VANGUARD INTEGRITY PROFESSIONALS Page 1

VANGUARD WHITE PAPER VANGUARD GOVERNMENT INDUSTRY WHITEPAPER

DATA SHEET. ez/piv CARD KEY FEATURES:

SOLUTIONS BRIEFS. ADMINISTRATION (Solutions Brief) KEY SERVICES:

VANGUARD WHITE PAPER VANGUARD INSURANCE INDUSTRY WHITEPAPER

WHITE PAPERS. INSURANCE INDUSTRY (White Paper)

Insurance Industry - PCI DSS

DATA SHEET. VANGUARD ez/tokentm KEY FEATURES:

DATA SHEET VANGUARD AUTHENTICATORTM KEY FEATURES:

NOTE: This process is not to be used for Grouping/ Member Classes. Those will be covered in another White Paper.

Removing ID. The Solution: The Issue: The Problem:

VANGUARD Compliance Manager VANGUARD Policy Manager VANGUARD Security Manager VANGUARD Enforcer

FairWarning Mapping to PCI DSS 3.0, Requirement 10

74% 2014 SIEM Efficiency Report. Hunting out IT changes with SIEM

University of Pittsburgh Security Assessment Questionnaire (v1.7)

Performing a z/os Vulnerability Assessment. Part 2 - Data Analysis. Presented by Vanguard Integrity Professionals

Governance, Risk, and Compliance: A Practical Guide to Points of Entry

Maximizing IT Security with Configuration Management WHITE PAPER

Cybersecurity The Evolving Landscape

INTELLIGENCE DRIVEN GRC FOR SECURITY

eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments

Best Practices for PCI DSS Version 3.2 Network Security Compliance

Secret Server HP ArcSight Integration Guide

Demonstrating Compliance in the Financial Services Industry with Veriato

New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines

Tracking and Reporting

NEW YORK CYBERSECURITY REGULATION COMPLIANCE GUIDE

Is Your z/os System Secure?

Overview: Compliance and Security Management PCI-DSS Control Compliance Suite Overview

Putting It All Together:

Managing Cybersecurity Risk

Oracle Database Vault

Securing Office 365 with SecureCloud

Automating the Top 20 CIS Critical Security Controls

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

The Convergence of Security and Compliance. How Next Generation Endpoint Security Manages 5 Core Compliance Controls

Cyber Security Program

Privileged Account Security: A Balanced Approach to Securing Unix Environments

SWIFT Customer Security Programme

SQL Security Whitepaper SECURITY AND COMPLIANCE SOLUTIONS FOR SARBANES OXLEYANDCOBIT

Managing Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow

SECURITY PRACTICES OVERVIEW

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

Establish and Maintain Secure Cardholder Data with IBM Payment Card Industry Solutions

WHITEPAPER. THE INGRES DATABASE AND COMPLIANCE Ensuring your business most valuable assets are secure

Security and Compliance Powered by the Cloud. Ben Friedman / Strategic Accounts Director /

Cybersecurity Conference Presentation North Bay Business Journal. September 27, 2016

THE TRIPWIRE NERC SOLUTION SUITE

WHITE PAPER. The General Data Protection Regulation: What Title It Means and How SAS Data Management Can Help

AND FINANCIAL CYBER FRAUD INSTITUTIONS FROM. Solution Brief PROTECTING BANKING

Information Security Risk Strategies. By

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft

SQL Security Whitepaper SECURITY AND COMPLIANCE SOLUTIONS FOR PCI DSS PAYMENT CARD INDUSTRY DATA SECURITY STANDARD

Standard CIP Cyber Security Systems Security Management

Complete document security

Using GRC for PCI DSS Compliance

SECURITY & PRIVACY DOCUMENTATION

A Checklist for Compliance in the Cloud 1. A Checklist for Compliance in the Cloud

IBM Software Bridging the data security gap

Building a Case for Mainframe Security

Enhancing Virtual Environments

SOX/COBIT Framework. and Netwrix Auditor Mapping. Toll-free:

What is HIPPA/PCI? Understanding HIPAA. Understanding PCI DSS

BEYOND CJIS: ENHANCED SECURITY, NOT JUST COMPLIANCE

Clearing the Path to PCI DSS Version 2.0 Compliance

Sponsored by Oracle. SANS Institute Product Review: Oracle Audit Vault. March A SANS Whitepaper. Written by: Tanya Baccam

How Secure Do You Feel About Your HIPAA Compliance Plan? Daniel F. Shay, Esq.

locuz.com SOC Services

CONSIDERATIONS BEFORE MOVING TO THE CLOUD

security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name.

IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT

The State of the Hack. Kevin Mandia MANDIANT

SOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

Secure your company s Crown Jewels. workshop

Compliance with CloudCheckr

Data Security and Privacy at Handshake

What is Penetration Testing?

10/12/2017 WHAT IS NIST SP & WHY SHOULD I CARE ABOUT IT? OVERVIEW SO, WHAT IS NIST?

What is PCI/DSS and What s new Presented by Brian Marshall Vanguard Professional Services

Internet Scanner 7.0 Service Pack 2 Frequently Asked Questions

The Convergence of Security and Compliance

Top Ten Security Vulnerabilities in z/os Security Doug Behrends Sr. Professional Services Consultant Vanguard Integrity Professionals

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045

SQL Compliance Whitepaper HOW COMPLIANCE IMPACTS BACKUP STRATEGY

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

Overview. Business value

IBM Internet Security Systems October Market Intelligence Brief

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

IBM Security Services Overview

Operational Network Security

Virtual Machine Encryption Security & Compliance in the Cloud

Global Security Consulting Services, compliancy and risk asessment services

USING QUALYSGUARD TO MEET SOX COMPLIANCE & IT CONTROL OBJECTIVES

White Paper. Closing PCI DSS Security Gaps with Proactive Endpoint Monitoring and Protection

Evolution of Cyber Attacks

Transcription:

Compliance Endures that RACF commands comply with company policy Remediation Provides proactive enforcement, corrects commands in accordance with corporate policies Auditing Provides and audit trail within the profile and command history VANGUARD POLICY MANAGER dramatically reduces security risks and improves regulatory compliance, minimizing the need for expensive remediation, while increasing staff productivity. Policy Manager provides proactive enforcement, corrects commands in accordance with corporate policies, while controlling security administrators. Policy Manager provides real-time audit trail of all commands, available only for authorized users to view. When Help Desk personnel or decentralized administrators issue commands that are not compliant with security policies, Senior RACF administrators end up spending hours to rectify the resultant issues and clean up the mainframe environment. These mistakes and deviations from policy can leave your mainframe extremely vulnerable and could cause your organization to fail a system audit as well. If the problems are not addressed, a RACF database that is poorly maintained due to noncompliant commands being initiated can be an open door for malicious activity. Mainframe Information Security professionals need a solution to stop policy violations and maintain compliance. Vanguard Policy Manager gives these administrators the power to control the mainframe environment and ensure constant compliance. Key Features Ensures all RACF commands comply with company policy. Where possible, modifies commands to be compliant. Provides an audit trail within the profile of the command history. Provides pre-defined best practice policies. The ability to create and customize user defined policies. Page 1

Take Control Of Policy Adherence With Vanguard Policy Manager POLICY MANAGER is the best in class solution for extending the capabilities of native RACF to ensure policy adherence. Vanguard POLICY MANAGER limits the ability to access databases and applications, prevents privilege creep, and effectively stops employees from making changes unless they have been explicitly authorized to do so. Utilizing this solution enables enterprises to prevent problems before they occur and ensures regulatory compliance 24 hours a day, seven days a week. automatic, pre-emptive action to stop users from issuing RACF commands that do not comply with acceptable access policies before problems occur and before they are discovered by an audit. With Vanguard POLICY MANAGER, authorized personnel can easily and accurately control which users and/or groups of users can execute specific commands, parameters, and sub-parameters. The solution either modifies non-compliant commands to conform with policy or prevents execution entirely. Administrators do not require programming experience to use POLICY MANAGER. Designed for very large companies and organizations with many IT administrators across the mainframe environment, Vanguard POLICY MANAGER dramatically reduces security risks and improves regulatory compliance, minimizing the need for expensive remediation, while increasing staff productivity. The solution takes Policy Manager: Increase Security, Ensure Compliance, Boost Productivity, And Reduce Costs The mainframe environment in many enterprises today is an access incident away from disaster. The lack of control over access policies makes security breaches and the resulting problems that ensue inevitable. With Vanguard POLICY MANAGER, enterprises can take automatic, pre-emptive control to stop issues before they happen. In an age where tight security and regulation of user access is a must, Vanguard POLICY MANAGER provides a way to protect enterprises against accidental and willful RACF misuse. As enterprises strive to become more competitive, POLICY MANAGER offers an effective method for increasing security, improving compliance, and boosting productivity, while decreasing costs. Page 2

The Many Benefits Of Vanguard Policy Manager Prevents Intentional and Accidental Changes Stops unauthorized users from changing RACF profiles and prevents commands that do not comply with written policy from being issued, which dramatically reduces and even eliminates security breaches and compliance issues in mainframe systems. Reduces Unfavorable Audit Findings Preventing users from issuing noncompliant RACF commands and stopping privilege creep, results in audits that rarely produce findings requiring remediation. This not only ensures strict adherence with compliance regulations, it diminishes the chance of fines imposed by regulatory bodies and potential lawsuits initiated by angry customers affected as a result of system special or RACF problems. Enforces Best Practices Supports user defined policies and includes a set of pre-defined policies, which are based on a set of best practices identified by Vanguard. The Vanguard Policy Manager Best Practices manual contains a description of each policy, why it is important, and how it should be followed. These best practices provide a valuable tool to enterprises that need to establish or strengthen their policies and practices. Increases Productivity Prevents submission of an unauthorized or non-compliant command by modifying the command in accordance with policy. This reduces potential errors and omissions and eliminates the need for rewriting and resubmitting commands, resulting in improved security personnel productivity. Strengthens Security and Compliance By preventing unauthorized users from making non -compliant changes, breaches are reduced, security is increased, and compulsory audits and internal investigations rarely produce negative findings. As a result, enterprises spend less time and money remediating security issues and conducting extensive and time-consuming audits and forensic investigations to determine whether policy has been followed and which RACF profiles have been changed or tampered with. Logs all RACF activities and enables administrators to run detailed reports that provide an accurate accounting of the mainframe access environment, offering a complete and powerful tool for streamlining the audit process. Provides a powerful Educational Tool When a user issues a non-compliant command in RACF, Vanguard Policy Manager issues an error message that states why the command failed and provides immediate feedback. This ongoing educational mechanism ensures a more informed user base and security administrators who are better trained to do their jobs, while minimizing the time necessary to trace and solve RACF problems. Page 3

Key Differentiators Key Differentiators Provides the ability to create policies based on ownership, Level or HLQ - Ownership, Level or HLQ can be used to associate or categorize dissimilar profiles for PCI, SOX, PII, HIPPA, and other regulatory standards for protection. Uses z/os Security Server to enforce and prevent changes against the policy rules. All rules for policy enforcement are completely contained within the z/os Security Server. Attempts to tamper with the security server rules will be detected, prevented and alerted upon. Policy Manager tracks changes to the security server. The Command Audit Trail of POLICY MANAGER tracks the actual changes made to the security server profiles within the profiles themselves. This makes it very easy for administrators to report on the actual changes made to specific profiles or SETROPTS settings and who and when those changes were made. This satisfies numerous regulatory requirements including NIST 800-53, Payment Card Industry Standards (PSS-DSS), Sarbanes-Oxley (SOX) and others. Policy Manager uses native z/os Security Server interfaces for reporting changes to the security server. Policy Manager comes with best practices that can be enabled with a simple flip of a switch. Policy Manager provides the most advanced secure password capabilities while providing real-time password management. Page 4

Why Vanguard to Secure Your Enterprise? Almost half of the Fortune 1000 companies in the world spanning banking, retail, insurance, as well as numerous government agencies trust Vanguard with their enterprise security. About Vanguard Security Solutions Vanguard offers the most advanced and integrated portfolio of enterprise security products and services in the world. The portfolio was the first to offer fully automated baseline configuration scanner for Mainframe DISA STIGs the Gold Standard for Security. For More Information To learn more about Vanguard Security Solutions please call 702.794.0014 or visit www.go2vanguard.com Corporate Headquarters 6625 S. Eastern Avenue Suite 100 Las Vegas, NV 89119-3930 Page 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback