we make your business better
PLANS & PRICING
Most Recent Documents
Jobs & Careers
Politics & History
Health & Fitness
Art & Literature
STARTING A BUSINESS
GROWING A BUSINESS
Whitepaper: User Audit Options for Linux and Solaris
A variety of methods exist for auditing user activity in UNIX and Linux environments. This whitepaper looks at the 5 most popular methods for auditing. Each method is described, along with actionable tips for how to make the best use of each method. In addition, guidance is provided to show what type of auditing each method is best suited for.
ObserveIT Case Study - Establishing Visibility into Remote Vendor Access at Pelephone
Pelephone turned to ObserveIT’s window session recording platform for the purpose of establishing visibility into remote session activity. The initial deployment was rolled out on five internal corporate applications in October of 2006. Less than one month later, ObserveIT already delivered on its promise when Pelephone’s experienced an overnight service outage on a mission-critical business application. The back-and-forth process between IT and the software vendor offered no solution. Consulting the ObserveIT session recordings not only brought immediate resolution to the problem, it also helped identify the responsible party and precise cause, thus allowing Pelephone to implement procedures to prevent its reoccurrence.
ObserveIT Case Study - System Access Audit Compliance at The Center to Promote HealthCare Access
With One-e-App’s need for performance, ObserveIT’s small server footprint also impacted the deployment decision. In early 2009, a proof of concept was deployed on the One-e-App network. After successful POC completion, ObserveIT was rolled out in July 2009 to a system-wide deployment on 100 servers. Since the successful rollout, the admin team can now respond immediately to management requests for utilization reports of Terminal Servers. “We can track utilization, which allows peace of mind when a developer is in the server. If anything happens, we can always see what happened.”
ObserveIT Case Study - Auditing remote access of employees at a leading financial institution
In order to prepare the bank for emergency situations, during which the bank employees would have to work as "tele-commuters", the bank has prepared a Remote-Access-Plan (RAP). As part of this ambitious plan, the remotely employees go through a Citrix gateway, which guarantees safe and secure access. Bank Leumi had to record and monitor this activity in order to comply with the banking regulations. Bank Leumi integrated ObserveIT solutions and created an audited gateway. This way, all the remote users' activities would be recorded for future possible audit.
ObserveIT Case Study - Safety and Certainty for all Remote User Access at Elektrotim
As part of their commitment to safety and certainty, the company maintains ISO 27001 Certification, which focuses on Information Security Management Systems (ISMS). To fulfill their compliance requirements, ELEKTROTIM immediately recognized the need to monitor and log the activities of external users who access their network. This was of particular importance given the fact that their mission-critical ERP platform was managed by an external service provider. To avoid potential risks associated with this threat, ELEKTROTIM SA tested solutions from different vendors and choose ObserveIT because of its functionality and flexibility. "Our choice was ObserveIT because the method of recording user sessions (screenshots, plus text of typed commands), full indexing of session recordings, easy searching and their relatively small size of recorded sessions,which allow longer storage time," said Mr. Jasinski.
ObserveIT Case Study - Remote Vendor Monitoring at Coca-Cola
“As soon as vendors discovered that all actions are being recorded, it became much easier to manage them,” added Mr. Landes. “The process of troubleshooting errors and holding vendors accountable became much smoother, which led to greater stability in our applications.” In some cases, vendors attempted to disable the ObserveIT agent service in order to prevent session recording, but OberveIT’s watchdog mechanism prevented them from succeeding. In addition to the third-party vendor activity, CBC also records all internal IT users who access the sensitive domain admin servers, providing the IT department a greater level of security.
ObserveIT Case Study - Customer Auditing and ISO 27001 Certification at BELLIN Treasury
BELLIN’s management philosophy is to invest up-front in an effective infrastructure that will then stand the tests of time and keep administration costs low. Following this philosophy, they chose ObserveIT for their system auditing platform because it allowed them to set it up once, and then let it run, capturing all user activity. In this way, the auditing logs need only to be accessed during times of an actual audit. “We enjoy showing off to our customers that every user action is recorded passively, without any need for active recording requests”, commented Rick Beecroft, BELLIN’s Area Manager for the Americas and Pacific Rim. “Having ObserveIT deployed on our servers increases the confidence level all around. Our customers can rely on our transparency, and we can immediately identify issues should any problems arise.”
Remote Vendor Monitoring - Recording Secure Remote Access SSL VPN Gateway Sessions An ObserveIT Whitepaper
In the following article, I will demonstrate how to record remote-access VPN gateway sessions. In this deployment, all secure remote access sessions are routed through one or more central remote access gateways, with secondary remote desktop sessions serving as the method to access internal Windows or UNIX servers. All sessions gateway are fully audited and recorded. This recorded session allows Auditors and IT managers to have a full visual audit trail of all connections; identify the source of each connection; and view a step-by-step replay of the actions taken and applications accessed on these machines.
ObserveIT PCI DSS: How to Audit Applications when Logs Don't Help
This paper covers the critical challenges of implementing PCI DSS controls and suggests creative solutions for related compliance and security issues. Specifically, the hard problem of security monitoring and log review in cloud, legacy, and custom application environment is discussed in depth. Additionally, clarification of key PCI DSS compensating controls is provided. This paper will help you satisfy the regulatory requirements and improve security of your sensitive and regulated data.
Easy PCI - How to Elimnate Remote Vendors in PCI-DSS Compliant Platform
To respond to the requirements of the Payment Card Industry Data Security Standard regulation (PCI-DSS, or PCI for short), compliance officers must ensure that each user is accountable for all actions performed. For auditing business users, many of these needs can be answered using native system logs. But when it comes to privileged users, the requirements, sensitivities and complexities are all magnified. And when those privileged users happen to be third-party remote vendors, a redoubling of risk factors occurs…
People Auditing - Why are we ignoring the #1 cause of Downtime and Security Breaches?
Companies are investing in high-availability systems and performance monitoring solutions for data centers, but are failing to follow best practice procedures to avoid human errors. As complexity grows in IT infrastructure, administrators are searching for solutions that will help them effectively monitor and maintain these environments. But oddly enough, the simple question “Who last accessed the server and what did he do?” remains one of the toughest questions to answer. This is despite the variety of system management tools in use today. It is not enough to just monitor servers and applications when the #1 cause for server downtime is human error. Ask an expert about high availability, and the conversation quickly turns to the subject of human error...
Log Blindspots - How to overcome cases where system logs are insuffiecient
If you spend a few minutes browsing the websites of Log Management and SIEM tool vendors, you might come away with the conclusion that all your system audit and compliance problems are solved. Unfortunately, this rosy picture seems to ignore the ever-present problem of blindspots in audit reports: If your apps don’t log it, your audit report won’t show it.
How to Monitor Employees for Regulatory Compliance without Violating Employee Privacy
Under the increasing burden of regulatory compliance such as PCI, HIPAA, SOX, NERC and ISO 27001, companies are more and more seeking some form of monitoring platform for recording employee activity. Not surprisingly, this has been met with concern on the part of employees, who fear that employee monitoring is stepping on their rights to privacy in the workplace. However, a combination of transparency and common sense can bridge these two seemingly diametric positions. After all, if an employer seeks to simply meet regulatory compliance, and can do so without infringing on employee rights, then both sides will benefit from greater efficiency, clarity and profitability….
The best documents & resources to start and grow a business.
How are you planning on using Docstoc?
JOIN WITH FACEBOOK
By registering with docstoc.com you agree to our
terms of service
, and to receive content and offer notifications.
Already a member?
Sign Into your Account
Not a member yet?
Sign in with Facebook