IT Solutions
External Vulnerability Assessments
Internal Vulnerability Assessments
Penetration Testing
Systems Activity Review
Wireless Security
War Dialing
Intrusion Detection System
BIA / BCP
Social Engineering
Systems Activity Review (Security Auditing)
Sounds good right? But can this be applied into a security posture while trying to keep the basic fundamentals of applied security access in the information security triad . Well first of all it is impossible to stop something that has already happened, but with increased awareness and proper training you can increase the prevention of it happening again.
Under the final HIPAA Security rule, covered entities must have a business plan that includes the review of the records within the information system activity. This is not a suggested practice, rather it’s a mandatory standard that must be implemented by all covered entities of regulatory compliance. |
Security auditing checks actual systems activity against written policies. It can be internal or external and focuses on system, application and user-level events. Creating and following appropriate audit trails is an invaluable guide to policy development and can provide your company with a defensible position if needed. Such audit trails are required for compliance with regulatory rules such as H IPAA, Sarbanes-Oxley, and GLBA.
A security audit trail is a chronological electronic record of a system’s performance or activity, and is especially useful when reconstructing the sequence of events that led to a breach or an attack. If properly implemented with a Honey Pot it could potentially detail the steps or actions taken in the attack, who performed the attack, and could be used as evidence in a legal proceeding.
Dynamic’s Systems Activity Review provides a logging and audit trail process that will allow your company to review, update and plan accordingly in the event that there is a need to debrief and defend your private information.
This service is typically done with a combination of on and off-site work. Penetration testing and Vulnerability assessments are generally combined with this in order to validate audit trails.