3 Strategies for Data Privacy Compliance: Securing Your Sensitive Data


Published on

For more information on LEM, visit: http://www.solarwinds.com/log-event-manager.aspx

Watch this webcast: http://www.solarwinds.com/resources/webcasts/three-strategies-for-data-privacy-compliance-securing-your-sensitive-data.html

Join SolarWinds and Townsend Security for this overview on securing the sensitive data stored on your IBM iSeries using SolarWinds Log & Event Manager (LEM). Learn why logging is essential and how the Townsend Alliance LogAgent integrates with LEM to collect, analyze, and correlate event log data for security and compliance.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

3 Strategies for Data Privacy Compliance: Securing Your Sensitive Data

  1. 1. Securing Your Sensitive DataSolarWinds® and Townsend Security June 13, 2012
  2. 2. Broad Over 2000 Participatingexperience in customers Organizationdata security worldwide PCI Securityand data Standards Councilcommunication Strong presence in the NIST Certified AESLeadership Fortune 500 Encryptionaverages over30 years IT FIPS 140-2 Certifiedexperience Key Management
  3. 3. Breaches Happen  855 Incidents, 174 million compromised records in 2011  Less than 1% of the breaches were discovered through log analysis  69% of these breaches were detectable via log evidence  Take Away: If you are monitoring your logs, you can detect a breach before data is lost - Slide 3 -
  4. 4. Logging Is Now Essential  PCI Section 10 Requires Logging » Requirement 10: Track and monitor all access to network resources and cardholder data GLBA/FFIEC Data Security » Log Transmission, Normalization, Storage, and Protection HIPAA/HITECH Act » Log-In Monitoring & Access Controls
  5. 5. State and Proposed Federal Privacy Notification  Some state laws reference PCI compliance  Nevada privacy law requires PCI compliance  Minnesota requires compliance with parts of PCI (and now WA)  New Federal privacy law in the works Modify This Footer: View -> - Slide 5 -
  6. 6. Logging on the IBM iSeries Today  Not monitoring your IBM iSeries® is a big problem » It can lead to a finding of non-compliance » It can leave a breach undetected  A large national retailer lost over 45 million credit card numbers over a three-year period through poor security and inattention » Proper logging and review could have caught this - Slide 6 -
  7. 7. Why Alliance LogAgent Suite? A complete solution that can capture and forward all IBM i security events Built by IBM i experts specifically for SIEM integration Robust filtering capability minimizes network impact Strong encryption between IBM i and SIEM console Integrated user monitoring and log forward solution Selectively monitor data access and change activity at the column or field level – without changing applications or user accounts
  8. 8. What About Performance? High performance event collection from QAUDJRN, QSYSOPR, QHST  3,500 events per second  250 Million events per day  Buffered transmission  Simultaneous collection from multiple sources
  9. 9. Case Study  A large media and entertainment company with over 40 IBM i’s  PCI DSS regulations required they capture and store all logs off of the system of origination  Purchased a site license of Alliance LogAgent on a Wednesday  Installed and implemented Alliance LogAgent on all systems by the following Monday  The IBM i’s passed the PCI DSS Audit
  10. 10. Townsend Security & Logging on the IBM iSeries  Alliance LogAgent™ from Townsend Security » Creates logs that SolarWinds Log & Event Manager® (LEM) can read » Forwards important information to LEM » Uses SSL/TLS encryption to secure delivery SolarWinds Log & Event Manager QSYSOPR Encrypted QAUDJRN QHSTIBM iSeries Image courtesy of International Business Machines Corporation.Unauthorized use not permitted. - Slide 10 -
  11. 11. - Slide 11 -
  12. 12. - Slide 12 -
  13. 13. - Slide 13 -
  14. 14. - Slide 14 -
  15. 15. Q: What can LogAgent database monitoring do?A: Help you find unauthorized access to sensitive data:<118>May 23 20:37:37 S10125BA LogAgentDB:[LGADB@0 column_name="SOCIAL" column_text="SocialSecurity Number" SECURITY_ALERT_user_access="yes" SECURITY_ALERT_program_access="yes"data_type="A" action="Update" data_image="After" value_option="Hash"value="xJv1GnJqowtC0WGdRTAAFT4FK7kf76il8A+3KI1thY0=" file_name="HRMASTER" file_library="HRLIB"file_member="HRMASTER" timestamp="20120523203737384336" job_name="QPADEV000G"job_user="SMITH" job_number="694320" jrn_seq="12" jrn_sys_seq="0" user_profile="SMITH"program_name="QDZTD00001" program_library="*OMITTED"User SMITH accessed the column SOCIAL which contains a social securitynumber using program QDZTD0001 which is IBM’s file editor utility. Thisprogram was not in the list of approved applications defined by thesecurity administrator, thus creating this security alert. - Slide 15 -
  16. 16. Data Collection With SolarWinds LEM Industry leading log and event management technology Real-time, in memory analytics utilizing intelligent correlation Active Responses for immediate remediation High speed, high compression database for long term retention. Point, Click and Search historical analytics Turn Key, Virtual Appliance
  17. 17. LEM & Compliance More than 300 "audit-proven " compliance reports Comply with PCI DSS, GLBA, SOX, NERC CIP, HIPAA, and more Use the built-in compliance reporting console to easily create reports for internal requirements Easily store the massive amounts of data required for compliance Prevent policy violations and enforce critical compliance requirements in real-time - Slide 17 -
  18. 18. SolarWinds Log & Event Manager Demo - Slide 18 -
  19. 19. Summary  Logging is now a compliance mandate  Externalizing logs from the IBM iSeries can be difficult  SolarWinds LEM » Award winning log & event management solution » Live by lunch, easy-to-use  Alliance LogAgent easily captures and forwards logs to LEM  You can download Alliance LogAgent now and have it running in 30 minutes - Slide 19 -
  20. 20. Take Action Today  Download SolarWinds Log & Event Manager » www.solarwinds.com/LEM_download  Download Alliance LogAgent » www.townsendsecurity.com/products/logagent  SolarWinds Contact: » LEM@solarwinds.com  Townsend Security Contact: » info@townsendsecurity.com - Slide 20 -