SlideShare a Scribd company logo

How Balabit helps to comply with iso 27001 (infographics)

Sectricity
Sectricity

This document discusses information security policies for an organization. It covers topics such as compliance with legal requirements, information security reviews, business continuity, incident management, supplier relationships, system development and maintenance, communications security, operations security, physical security, cryptography, access control, and asset management. For each topic, it describes features of Shell Control Box and syslog-ng products that help provide security controls in that area.

1 of 1
Download to read offline
www.balabit.com A.18 Compliance A.18.1 Compliance with legal and contractual requirements To avoid breaches of legal, statutory, regulatory or contractual obligations related to information security and of any security requirements. A.18.2 Information security reviews To ensure that information security is implemented and operated in accordance with the organizational policies and procedures. A.17 Information security aspects of business continuity management A.17.1 Information security continuity Information security continuity shall be embedded in the organization’s business continuity management systems. A.17.2 Redundancies To ensure availability of information processing facilities. Shell Control Box ■ Supports high-availability configurations (two SCB units operate together in fail-over mode), ■ the appliances can be equipped with redundant power units. syslog-ng ■ The syslog-ng Store Box supports high-availability configurations (SSB units operate together in fail-over mode), ■ the SSB appliances can be equipped with redundant power units. A.16 Information security incident management A.16.1 Management of information security incidents and improvements To ensure a consistent and effective approach to the management of information security incidents, including communication on security events and weaknesses. Shell Control Box ■ Records all sessions into searchable audit trails, making it easy to find relevant information during incident investigation, ■ audit trails can be browsed online, or followed real-time to monitor user activities ■ the audit player replays the recorded sessions just like a movie – all actions of the administrators can be seen exactly as they happened, ■ audit trails are indexed which makes the results searchable, ■ provides easier postmortem incident analysis, as auditors can access detailed search results, ■ the full-text search provide search results ranked by relevance, many powerful query types, and support for non-Latin characters. syslog-ng ■ Reliable, secure collection and storage of the log messages, ■ uses TLS to encrypt the communication between the clients and the log server, ■ TLS-encryption also prevents third-parties from modifying the communication, ■ The communication between the client and the server can be mutually authenticated using X.509 certificates, ■ log messages can be encrypted using public-key encryption, ■ requests time-stamps for the stored data from an external Timestamping Authority (TSA) to include reliable dates in the log files. A.15 Supplier relationships A.15.1 Information security in supplier relationships To ensure protection of the organization’s assets that is accessible by suppliers. A.15.2 Supplier service delivery management To maintain an agreed level of information security and service delivery in line with supplier agreements. Shell Control Box ■ Oversees IT services managed by third parties, ■ provides detailed audit trails and reports to review the actions of the third parties, ■ offers granular access control to limit the access of the third party to the absolutely necessary. A.14 System acquisition, development and maintenance A.14.1 Security requirements of information systems To ensure that information security is an integral part of information systems across the entire lifecycle. This also includes the requirements for information systems which provide services over public networks. A.14.2 Security in development and support processes To ensure that information security is designed and implemented within the development lifecycle of information systems. A.14.3 Test data To ensure the protection of data used for testing. A.13 Communications security A.13.1 Network security management To ensure the protection of information in networks and its supporting information processing facilities. Shell Control Box ■ Controls, monitors, and audits the encrypted channels used in remote access, ■ enforces strong authentication and authorization methods, incl. gateway authentication, two-factor authentication, and 4-eyes authorization, ■ monitors the terminal connections used to access networking devices, such as switches, ■ collects configuration changes of Cisco routers, ■ prevents the network admins from executing unwanted commands. syslog-ng ■ TLS can be used to encrypt the communication between the clients and the log server, ■ TLS-encryption also prevents third-parties from modifying the communication, ■ The communication between the client and the server can be mutually authenticated using X.509 certificates. A.13.2 Information transfer To maintain the security of information transferred within an organization and with any external entity. A.12 Operations security A.12.1 Operational procedures and responsibilities To ensure correct and secure operations of information processing facilities. Shell Control Box ■ Complements change management policies and controls remote management of inf. processing facilities, ■ changes can be audited, and be part of the change documentation, ■ audit trails can be used in forensic or general review to verify that a particular configuration change was actually performed. syslog-ng ■ Detects if its configuration changed and sends log message about it. A.12.2 Protection from malware To ensure that information and information processing facilities are protected against malware. A.12.3 Backup To protect against loss of data. A.12.4 Logging and monitoring To record events and generate evidence. Shell Control Box ■ Records and audits the actions of privileged users, ■ recorded events can be replayed like a movie, ■ operates transparently, so the monitored users have no access to the appliance, ■ provides reliable, digitally signed, and encrypted audit trails and reports to prevent manipulation or misuse (strong evidence), ■ the events can be reviewed exactly the same way as they happened. syslog-ng ■ Collects logs from a wide variety of devices and applications and transfers them to a central logserver, ■ allows to access every relevant log message at a single place, ■ features “logstore”, a binary, encrypted, time-stamped, digitally signed log storage format, ■ provides granular, membership-based access control to logs (SSB), ■ provides reliable time information about the log message even if the sender's clock is mistimed. A.12.5 Control of operational software To ensure the integrity of operational systems. A.12.6 Technical vulnerability management To prevent exploitation of technical vulnerabilities. A.12.7 Information systems audit considerations To minimize the impact of audit activities on operational systems. A.11 Physical and environmental security A.11.1 Secure areas To prevent unauthorized physical access, damage and interference to the organization’s information and information processing facilities. A.11.2 Equipment To prevent loss, damage, theft or compromise of assets and interruption to the organization’s operations. A.10 Cryptography A.10.1 Cryptographic controls To ensure proper and effective use of cryptography to protect the confidentiality, authenticity and/or integrity of information. Shell Control Box ■ Enforces strong encryption methods, ■ audit trails can be digitally signed, time-stamped and encrypted, ■ requires multiple certificates to be present to decrypt the audit trails (optional). syslog-ng ■ Enforces strong encryption methods (e.g. disallow weak cipher algorithms, or require mutual authentication between client and server), ■ log files can be encrypted, digitally signed and time-stamped. A.9 Access control A.9.1 Business requirements of access control To limit access to information and information processing facilities. Shell Control Box ■ Granularly controls access to servers, applications and protocol features, based on the identity of the user, or group-memberships. A.9.2 User access management To ensure authorized user access and to prevent unauthorized access to systems and services. Shell Control Box ■ Controls remote access from a central location, ■ enforces strong authentication and authorization, ■ provides customized access control to audited systems, ■ supports scenarios when the user does not know the credential of the server (removes access rights easy when shared accounts are used). A.9.3 User responsibilities To make users accountable for safeguarding their authentication information. A.9.4 System and application access control To prevent unauthorized access to systems and applications. Shell Control Box ■ Central authentication host ■ controls which remote applications or protocol features are available for a specific user. ■ enforces strong encryption methods ■ enforces strong authentication methods, ■ authenticates the users to a LDAP database (for example, Microsoft AD), ■ requires to authenticate on SCB using the personal credentials and use different credentials to access the target server, ■ uses a password vault to authenticate on the target server. A.8 Asset management A.8.1 Responsibility for assets To identify organizational assets and define appropriate protection responsibilities. A.8.2 Information classification To ensure that information receives an appropriate level of protection in accordance with its importance to the organization. A.8.3 Media handling To prevent unauthorized disclosure, modification, removal or destruction of information stored on media. A.6 Organization of information security A.6.1 Internal organization To establish a management framework to initiate and control the implementation and operation of information security within the organization. Shell Control Box ■ Creates a separate auditor layer above privileged users, segregates the role of IT maintenance and security, audits and controls the work of system administrators. syslog-ng ■ Securely transfer log messages to a logserver real-time, preventing the user (or an attacker) from manipulating the logs, ■ on the logserver, it can store the logs in encrypted and time-stamped format. A.6.2 Mobile devices and teleworking To ensure the security of teleworking and use of mobile devices. A.5 Information security policies A.5.1 Management direction for information security To provide management direction and support for information security in accordance with business requirements and relevant laws and regulations. HOW BALABIT HELPS TO COMPLY WITH ISO 27001? A.7 Human resource security A.7.1 Prior to employment To ensure that employees and contractors understand their responsibilities and are suitable for the roles for which they are considered. A.7.2 During employment To ensure that employees and contractors are aware of and fulfil their information security responsibilities. A.7.3 Termination and change of employment To protect the organization’s interests as part of the process of changing or terminating employment. ENCT2968CC261A774CC135C421F 006E4042A571324F26968CC261A77 4CC135C421F00QUW+DV7F5GO0/0 YWJVWXV8ZCAWSUBYQ+RWJOS R1HSDQCRRNETDK9KOO+W9HXV UL3PD4W9SFNTRDG88K/U5X7L2C

Recommended

Introduction to Gravitational Teleport
Introduction to Gravitational TeleportIntroduction to Gravitational Teleport
Introduction to Gravitational Teleport
Teleport
 
Maintain A Secure, Independent Network For Survey Projects
Maintain A Secure, Independent Network For Survey Projects Maintain A Secure, Independent Network For Survey Projects
Maintain A Secure, Independent Network For Survey Projects
Data Force Research
 
LTS Secure SIEM Features
LTS Secure SIEM Features LTS Secure SIEM Features
LTS Secure SIEM Features
rver21
 
What is SIEM
What is SIEMWhat is SIEM
What is SIEM
Patten John
 
Advanced Data Center Security
Advanced Data Center SecurityAdvanced Data Center Security
Advanced Data Center Security
manoharparakh
 
SORT OUT YOUR SIEM
SORT OUT YOUR SIEMSORT OUT YOUR SIEM
SORT OUT YOUR SIEM
SecureData Europe
 
LTS SECURE SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM)
LTS SECURE SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM) LTS SECURE SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM)
LTS SECURE SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM)
rver21
 
SIEM
SIEMSIEM
SIEM
vikasraina
 

Recommended

Introduction to Gravitational Teleport
Introduction to Gravitational TeleportIntroduction to Gravitational Teleport
Introduction to Gravitational Teleport
Teleport
 
Maintain A Secure, Independent Network For Survey Projects
Maintain A Secure, Independent Network For Survey Projects Maintain A Secure, Independent Network For Survey Projects
Maintain A Secure, Independent Network For Survey Projects
Data Force Research
 
LTS Secure SIEM Features
LTS Secure SIEM Features LTS Secure SIEM Features
LTS Secure SIEM Features
rver21
 
What is SIEM
What is SIEMWhat is SIEM
What is SIEM
Patten John
 
Advanced Data Center Security
Advanced Data Center SecurityAdvanced Data Center Security
Advanced Data Center Security
manoharparakh
 
SORT OUT YOUR SIEM
SORT OUT YOUR SIEMSORT OUT YOUR SIEM
SORT OUT YOUR SIEM
SecureData Europe
 
LTS SECURE SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM)
LTS SECURE SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM) LTS SECURE SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM)
LTS SECURE SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM)
rver21
 
SIEM
SIEMSIEM
SIEM
vikasraina
 
Siem Overview 2009
Siem Overview 2009Siem Overview 2009
Siem Overview 2009
johndyson1
 
McAfee SIEM solution
McAfee SIEM solution McAfee SIEM solution
McAfee SIEM solution
hashnees
 
SIEM Architecture
SIEM ArchitectureSIEM Architecture
SIEM Architecture
Nishanth Kumar Pathi
 
SIEM presentation final
SIEM presentation finalSIEM presentation final
SIEM presentation finalRizwan S
 
Chapter 15
Chapter 15Chapter 15
Chapter 15
Ali Broumandnia
 
Modern vs. Traditional SIEM
Modern vs. Traditional SIEM Modern vs. Traditional SIEM
Modern vs. Traditional SIEM
Alert Logic
 
Siem solutions R&E
Siem solutions R&ESiem solutions R&E
Siem solutions R&E
Owais Ahmad
 
SIEM
SIEMSIEM
SIEM
Napier University
 
Securing SCADA
Securing SCADA Securing SCADA
Securing SCADA
Jeffrey Wang , P.Eng
 
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
Eran Goldstein
 
Cloud Security & Control: A Multi-Layer Approach to Secure Cloud Computing
Cloud Security & Control: A Multi-Layer Approach to Secure Cloud ComputingCloud Security & Control: A Multi-Layer Approach to Secure Cloud Computing
Cloud Security & Control: A Multi-Layer Approach to Secure Cloud ComputingOpSource
 
Log maintenance network securiy
Log maintenance network securiyLog maintenance network securiy
Log maintenance network securiy
Mohsin Ali
 
PCI Compliance White Paper
PCI Compliance White PaperPCI Compliance White Paper
PCI Compliance White Paper
Raz-Lee Security
 
PCI Compliance in the Cloud
PCI Compliance in the CloudPCI Compliance in the Cloud
PCI Compliance in the Cloud
ControlCase
 
PT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolPT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolShah Sheikh
 
Security Policy Checklist
Security Policy ChecklistSecurity Policy Checklist
Security Policy Checklistbackdoor
 
Pega_0625_Pega_Cloud_Security_Reliability_19
Pega_0625_Pega_Cloud_Security_Reliability_19Pega_0625_Pega_Cloud_Security_Reliability_19
Pega_0625_Pega_Cloud_Security_Reliability_19Douglas Kim
 
Anypoint platform cloud
Anypoint platform cloudAnypoint platform cloud
Anypoint platform cloud
Sudheer Y
 
ICS security
ICS securityICS security
ICS securityAhmed Shitta
 
Scada security
Scada securityScada security
Scada security
sommerville-videos
 
Cloud Data Protection-Reliable Solutions for Companies
Cloud Data Protection-Reliable Solutions for CompaniesCloud Data Protection-Reliable Solutions for Companies
Cloud Data Protection-Reliable Solutions for Companies
basilmph
 
Security Best Practices for Your Ignition System
Security Best Practices for Your Ignition SystemSecurity Best Practices for Your Ignition System
Security Best Practices for Your Ignition System
Inductive Automation
 

More Related Content

What's hot

Siem Overview 2009
Siem Overview 2009Siem Overview 2009
Siem Overview 2009
johndyson1
 
McAfee SIEM solution
McAfee SIEM solution McAfee SIEM solution
McAfee SIEM solution
hashnees
 
SIEM Architecture
SIEM ArchitectureSIEM Architecture
SIEM Architecture
Nishanth Kumar Pathi
 
SIEM presentation final
SIEM presentation finalSIEM presentation final
SIEM presentation finalRizwan S
 
Chapter 15
Chapter 15Chapter 15
Chapter 15
Ali Broumandnia
 
Modern vs. Traditional SIEM
Modern vs. Traditional SIEM Modern vs. Traditional SIEM
Modern vs. Traditional SIEM
Alert Logic
 
Siem solutions R&E
Siem solutions R&ESiem solutions R&E
Siem solutions R&E
Owais Ahmad
 
SIEM
SIEMSIEM
SIEM
Napier University
 
Securing SCADA
Securing SCADA Securing SCADA
Securing SCADA
Jeffrey Wang , P.Eng
 
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
Eran Goldstein
 
Cloud Security & Control: A Multi-Layer Approach to Secure Cloud Computing
Cloud Security & Control: A Multi-Layer Approach to Secure Cloud ComputingCloud Security & Control: A Multi-Layer Approach to Secure Cloud Computing
Cloud Security & Control: A Multi-Layer Approach to Secure Cloud ComputingOpSource
 
Log maintenance network securiy
Log maintenance network securiyLog maintenance network securiy
Log maintenance network securiy
Mohsin Ali
 
PCI Compliance White Paper
PCI Compliance White PaperPCI Compliance White Paper
PCI Compliance White Paper
Raz-Lee Security
 
PCI Compliance in the Cloud
PCI Compliance in the CloudPCI Compliance in the Cloud
PCI Compliance in the Cloud
ControlCase
 
PT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolPT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolShah Sheikh
 
Security Policy Checklist
Security Policy ChecklistSecurity Policy Checklist
Security Policy Checklistbackdoor
 
Pega_0625_Pega_Cloud_Security_Reliability_19
Pega_0625_Pega_Cloud_Security_Reliability_19Pega_0625_Pega_Cloud_Security_Reliability_19
Pega_0625_Pega_Cloud_Security_Reliability_19Douglas Kim
 
Anypoint platform cloud
Anypoint platform cloudAnypoint platform cloud
Anypoint platform cloud
Sudheer Y
 
Scada security
Scada securityScada security
Scada security
sommerville-videos
 

What's hot (20)

Siem Overview 2009
Siem Overview 2009Siem Overview 2009
Siem Overview 2009
 
McAfee SIEM solution
McAfee SIEM solution McAfee SIEM solution
McAfee SIEM solution
 
SIEM Architecture
SIEM ArchitectureSIEM Architecture
SIEM Architecture
 
SIEM presentation final
SIEM presentation finalSIEM presentation final
SIEM presentation final
 
Chapter 15
Chapter 15Chapter 15
Chapter 15
 
Modern vs. Traditional SIEM
Modern vs. Traditional SIEM Modern vs. Traditional SIEM
Modern vs. Traditional SIEM
 
Siem solutions R&E
Siem solutions R&ESiem solutions R&E
Siem solutions R&E
 
SIEM
SIEMSIEM
SIEM
 
Securing SCADA
Securing SCADA Securing SCADA
Securing SCADA
 
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
 
Cloud Security & Control: A Multi-Layer Approach to Secure Cloud Computing
Cloud Security & Control: A Multi-Layer Approach to Secure Cloud ComputingCloud Security & Control: A Multi-Layer Approach to Secure Cloud Computing
Cloud Security & Control: A Multi-Layer Approach to Secure Cloud Computing
 
Log maintenance network securiy
Log maintenance network securiyLog maintenance network securiy
Log maintenance network securiy
 
PCI Compliance White Paper
PCI Compliance White PaperPCI Compliance White Paper
PCI Compliance White Paper
 
PCI Compliance in the Cloud
PCI Compliance in the CloudPCI Compliance in the Cloud
PCI Compliance in the Cloud
 
PT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolPT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrol
 
Security Policy Checklist
Security Policy ChecklistSecurity Policy Checklist
Security Policy Checklist
 
Pega_0625_Pega_Cloud_Security_Reliability_19
Pega_0625_Pega_Cloud_Security_Reliability_19Pega_0625_Pega_Cloud_Security_Reliability_19
Pega_0625_Pega_Cloud_Security_Reliability_19
 
Anypoint platform cloud
Anypoint platform cloudAnypoint platform cloud
Anypoint platform cloud
 
ICS security
ICS securityICS security
ICS security
 
Scada security
Scada securityScada security
Scada security
 

Similar to How Balabit helps to comply with iso 27001 (infographics)

Cloud Data Protection-Reliable Solutions for Companies
Cloud Data Protection-Reliable Solutions for CompaniesCloud Data Protection-Reliable Solutions for Companies
Cloud Data Protection-Reliable Solutions for Companies
basilmph
 
Security Best Practices for Your Ignition System
Security Best Practices for Your Ignition SystemSecurity Best Practices for Your Ignition System
Security Best Practices for Your Ignition System
Inductive Automation
 
Top three tips in ensuring security and compliance in cloud computing
Top three tips in ensuring security and compliance in cloud computingTop three tips in ensuring security and compliance in cloud computing
Top three tips in ensuring security and compliance in cloud computing
OsazeeOboh
 
Solvit identity is the new perimeter
Solvit identity is the new perimeterSolvit identity is the new perimeter
Solvit identity is the new perimeter
S.E. CTS CERT-GOV-MD
 
The ultimate guide to cloud computing security-Hire cloud expert
The ultimate guide to cloud computing security-Hire cloud expertThe ultimate guide to cloud computing security-Hire cloud expert
The ultimate guide to cloud computing security-Hire cloud expert
Chapter247 Infotech
 
Product description shell control box 4 lts
Product description shell control box 4 ltsProduct description shell control box 4 lts
Product description shell control box 4 lts
mchatoramhuru
 
SGSB Webcast 2 : Smart grid and data security
SGSB Webcast 2 : Smart grid and data securitySGSB Webcast 2 : Smart grid and data security
SGSB Webcast 2 : Smart grid and data securityAndy Bochman
 
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
NetworkCollaborators
 
Cisco Connect 2018 Thailand - Telco service provider network analytics
Cisco Connect 2018 Thailand - Telco service provider network analytics Cisco Connect 2018 Thailand - Telco service provider network analytics
Cisco Connect 2018 Thailand - Telco service provider network analytics
NetworkCollaborators
 
Advantages And Disadvantages Of Nc
Advantages And Disadvantages Of NcAdvantages And Disadvantages Of Nc
Advantages And Disadvantages Of Nc
Kristen Wilson
 
Iaetsd secure data storage against attacks in cloud
Iaetsd secure data storage against attacks in cloudIaetsd secure data storage against attacks in cloud
Iaetsd secure data storage against attacks in cloud
Iaetsd Iaetsd
 
Splunk for ibtrm
Splunk for ibtrmSplunk for ibtrm
Splunk for ibtrm
Greg Hanchin
 
CLOUD SECURITY.pptx
CLOUD SECURITY.pptxCLOUD SECURITY.pptx
CLOUD SECURITY.pptx
MrPrathapG
 
Audit of it infrastructure
Audit of it infrastructureAudit of it infrastructure
Audit of it infrastructure
pramod_kmr73
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
Pyingkodi Maran
 
Security 101: IBM i Security Auditing and Reporting
Security 101: IBM i Security Auditing and ReportingSecurity 101: IBM i Security Auditing and Reporting
Security 101: IBM i Security Auditing and Reporting
Precisely
 
Cloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWSCloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWS
Amazon Web Services
 
Introduction to SIEM.pptx
Introduction to SIEM.pptxIntroduction to SIEM.pptx
Introduction to SIEM.pptx
neoalt
 
CSE_Instructor_Materials_Chapter7.pptx
CSE_Instructor_Materials_Chapter7.pptxCSE_Instructor_Materials_Chapter7.pptx
CSE_Instructor_Materials_Chapter7.pptx
Mohammad512578
 
SECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESSECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKES
Happiest Minds Technologies
 

Similar to How Balabit helps to comply with iso 27001 (infographics) (20)

Cloud Data Protection-Reliable Solutions for Companies
Cloud Data Protection-Reliable Solutions for CompaniesCloud Data Protection-Reliable Solutions for Companies
Cloud Data Protection-Reliable Solutions for Companies
 
Security Best Practices for Your Ignition System
Security Best Practices for Your Ignition SystemSecurity Best Practices for Your Ignition System
Security Best Practices for Your Ignition System
 
Top three tips in ensuring security and compliance in cloud computing
Top three tips in ensuring security and compliance in cloud computingTop three tips in ensuring security and compliance in cloud computing
Top three tips in ensuring security and compliance in cloud computing
 
Solvit identity is the new perimeter
Solvit identity is the new perimeterSolvit identity is the new perimeter
Solvit identity is the new perimeter
 
The ultimate guide to cloud computing security-Hire cloud expert
The ultimate guide to cloud computing security-Hire cloud expertThe ultimate guide to cloud computing security-Hire cloud expert
The ultimate guide to cloud computing security-Hire cloud expert
 
Product description shell control box 4 lts
Product description shell control box 4 ltsProduct description shell control box 4 lts
Product description shell control box 4 lts
 
SGSB Webcast 2 : Smart grid and data security
SGSB Webcast 2 : Smart grid and data securitySGSB Webcast 2 : Smart grid and data security
SGSB Webcast 2 : Smart grid and data security
 
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
 
Cisco Connect 2018 Thailand - Telco service provider network analytics
Cisco Connect 2018 Thailand - Telco service provider network analytics Cisco Connect 2018 Thailand - Telco service provider network analytics
Cisco Connect 2018 Thailand - Telco service provider network analytics
 
Advantages And Disadvantages Of Nc
Advantages And Disadvantages Of NcAdvantages And Disadvantages Of Nc
Advantages And Disadvantages Of Nc
 
Iaetsd secure data storage against attacks in cloud
Iaetsd secure data storage against attacks in cloudIaetsd secure data storage against attacks in cloud
Iaetsd secure data storage against attacks in cloud
 
Splunk for ibtrm
Splunk for ibtrmSplunk for ibtrm
Splunk for ibtrm
 
CLOUD SECURITY.pptx
CLOUD SECURITY.pptxCLOUD SECURITY.pptx
CLOUD SECURITY.pptx
 
Audit of it infrastructure
Audit of it infrastructureAudit of it infrastructure
Audit of it infrastructure
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Security 101: IBM i Security Auditing and Reporting
Security 101: IBM i Security Auditing and ReportingSecurity 101: IBM i Security Auditing and Reporting
Security 101: IBM i Security Auditing and Reporting
 
Cloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWSCloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWS
 
Introduction to SIEM.pptx
Introduction to SIEM.pptxIntroduction to SIEM.pptx
Introduction to SIEM.pptx
 
CSE_Instructor_Materials_Chapter7.pptx
CSE_Instructor_Materials_Chapter7.pptxCSE_Instructor_Materials_Chapter7.pptx
CSE_Instructor_Materials_Chapter7.pptx
 
SECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESSECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKES
 

More from Sectricity

GDPR infographic
GDPR infographicGDPR infographic
GDPR infographic
Sectricity
 
BalaBit 2015: Control Your IT Staff
BalaBit 2015: Control Your IT StaffBalaBit 2015: Control Your IT Staff
BalaBit 2015: Control Your IT Staff
Sectricity
 
SafeNet overview 2014
SafeNet overview 2014SafeNet overview 2014
SafeNet overview 2014
Sectricity
 
Bright talk mapping the right aut solution for you 2014 final (1)
Bright talk mapping the right aut solution for you 2014 final (1)Bright talk mapping the right aut solution for you 2014 final (1)
Bright talk mapping the right aut solution for you 2014 final (1)Sectricity
 
The Secure laptop - intro BXL
The Secure laptop - intro BXLThe Secure laptop - intro BXL
The Secure laptop - intro BXL
Sectricity
 
SafeNet Enterprise Key and Crypto Management
SafeNet Enterprise Key and Crypto ManagementSafeNet Enterprise Key and Crypto Management
SafeNet Enterprise Key and Crypto Management
Sectricity
 

More from Sectricity (6)

GDPR infographic
GDPR infographicGDPR infographic
GDPR infographic
 
BalaBit 2015: Control Your IT Staff
BalaBit 2015: Control Your IT StaffBalaBit 2015: Control Your IT Staff
BalaBit 2015: Control Your IT Staff
 
SafeNet overview 2014
SafeNet overview 2014SafeNet overview 2014
SafeNet overview 2014
 
Bright talk mapping the right aut solution for you 2014 final (1)
Bright talk mapping the right aut solution for you 2014 final (1)Bright talk mapping the right aut solution for you 2014 final (1)
Bright talk mapping the right aut solution for you 2014 final (1)
 
The Secure laptop - intro BXL
The Secure laptop - intro BXLThe Secure laptop - intro BXL
The Secure laptop - intro BXL
 
SafeNet Enterprise Key and Crypto Management
SafeNet Enterprise Key and Crypto ManagementSafeNet Enterprise Key and Crypto Management
SafeNet Enterprise Key and Crypto Management
 

How Balabit helps to comply with iso 27001 (infographics)

  • 1. www.balabit.com A.18 Compliance A.18.1 Compliance with legal and contractual requirements To avoid breaches of legal, statutory, regulatory or contractual obligations related to information security and of any security requirements. A.18.2 Information security reviews To ensure that information security is implemented and operated in accordance with the organizational policies and procedures. A.17 Information security aspects of business continuity management A.17.1 Information security continuity Information security continuity shall be embedded in the organization’s business continuity management systems. A.17.2 Redundancies To ensure availability of information processing facilities. Shell Control Box ■ Supports high-availability configurations (two SCB units operate together in fail-over mode), ■ the appliances can be equipped with redundant power units. syslog-ng ■ The syslog-ng Store Box supports high-availability configurations (SSB units operate together in fail-over mode), ■ the SSB appliances can be equipped with redundant power units. A.16 Information security incident management A.16.1 Management of information security incidents and improvements To ensure a consistent and effective approach to the management of information security incidents, including communication on security events and weaknesses. Shell Control Box ■ Records all sessions into searchable audit trails, making it easy to find relevant information during incident investigation, ■ audit trails can be browsed online, or followed real-time to monitor user activities ■ the audit player replays the recorded sessions just like a movie – all actions of the administrators can be seen exactly as they happened, ■ audit trails are indexed which makes the results searchable, ■ provides easier postmortem incident analysis, as auditors can access detailed search results, ■ the full-text search provide search results ranked by relevance, many powerful query types, and support for non-Latin characters. syslog-ng ■ Reliable, secure collection and storage of the log messages, ■ uses TLS to encrypt the communication between the clients and the log server, ■ TLS-encryption also prevents third-parties from modifying the communication, ■ The communication between the client and the server can be mutually authenticated using X.509 certificates, ■ log messages can be encrypted using public-key encryption, ■ requests time-stamps for the stored data from an external Timestamping Authority (TSA) to include reliable dates in the log files. A.15 Supplier relationships A.15.1 Information security in supplier relationships To ensure protection of the organization’s assets that is accessible by suppliers. A.15.2 Supplier service delivery management To maintain an agreed level of information security and service delivery in line with supplier agreements. Shell Control Box ■ Oversees IT services managed by third parties, ■ provides detailed audit trails and reports to review the actions of the third parties, ■ offers granular access control to limit the access of the third party to the absolutely necessary. A.14 System acquisition, development and maintenance A.14.1 Security requirements of information systems To ensure that information security is an integral part of information systems across the entire lifecycle. This also includes the requirements for information systems which provide services over public networks. A.14.2 Security in development and support processes To ensure that information security is designed and implemented within the development lifecycle of information systems. A.14.3 Test data To ensure the protection of data used for testing. A.13 Communications security A.13.1 Network security management To ensure the protection of information in networks and its supporting information processing facilities. Shell Control Box ■ Controls, monitors, and audits the encrypted channels used in remote access, ■ enforces strong authentication and authorization methods, incl. gateway authentication, two-factor authentication, and 4-eyes authorization, ■ monitors the terminal connections used to access networking devices, such as switches, ■ collects configuration changes of Cisco routers, ■ prevents the network admins from executing unwanted commands. syslog-ng ■ TLS can be used to encrypt the communication between the clients and the log server, ■ TLS-encryption also prevents third-parties from modifying the communication, ■ The communication between the client and the server can be mutually authenticated using X.509 certificates. A.13.2 Information transfer To maintain the security of information transferred within an organization and with any external entity. A.12 Operations security A.12.1 Operational procedures and responsibilities To ensure correct and secure operations of information processing facilities. Shell Control Box ■ Complements change management policies and controls remote management of inf. processing facilities, ■ changes can be audited, and be part of the change documentation, ■ audit trails can be used in forensic or general review to verify that a particular configuration change was actually performed. syslog-ng ■ Detects if its configuration changed and sends log message about it. A.12.2 Protection from malware To ensure that information and information processing facilities are protected against malware. A.12.3 Backup To protect against loss of data. A.12.4 Logging and monitoring To record events and generate evidence. Shell Control Box ■ Records and audits the actions of privileged users, ■ recorded events can be replayed like a movie, ■ operates transparently, so the monitored users have no access to the appliance, ■ provides reliable, digitally signed, and encrypted audit trails and reports to prevent manipulation or misuse (strong evidence), ■ the events can be reviewed exactly the same way as they happened. syslog-ng ■ Collects logs from a wide variety of devices and applications and transfers them to a central logserver, ■ allows to access every relevant log message at a single place, ■ features “logstore”, a binary, encrypted, time-stamped, digitally signed log storage format, ■ provides granular, membership-based access control to logs (SSB), ■ provides reliable time information about the log message even if the sender's clock is mistimed. A.12.5 Control of operational software To ensure the integrity of operational systems. A.12.6 Technical vulnerability management To prevent exploitation of technical vulnerabilities. A.12.7 Information systems audit considerations To minimize the impact of audit activities on operational systems. A.11 Physical and environmental security A.11.1 Secure areas To prevent unauthorized physical access, damage and interference to the organization’s information and information processing facilities. A.11.2 Equipment To prevent loss, damage, theft or compromise of assets and interruption to the organization’s operations. A.10 Cryptography A.10.1 Cryptographic controls To ensure proper and effective use of cryptography to protect the confidentiality, authenticity and/or integrity of information. Shell Control Box ■ Enforces strong encryption methods, ■ audit trails can be digitally signed, time-stamped and encrypted, ■ requires multiple certificates to be present to decrypt the audit trails (optional). syslog-ng ■ Enforces strong encryption methods (e.g. disallow weak cipher algorithms, or require mutual authentication between client and server), ■ log files can be encrypted, digitally signed and time-stamped. A.9 Access control A.9.1 Business requirements of access control To limit access to information and information processing facilities. Shell Control Box ■ Granularly controls access to servers, applications and protocol features, based on the identity of the user, or group-memberships. A.9.2 User access management To ensure authorized user access and to prevent unauthorized access to systems and services. Shell Control Box ■ Controls remote access from a central location, ■ enforces strong authentication and authorization, ■ provides customized access control to audited systems, ■ supports scenarios when the user does not know the credential of the server (removes access rights easy when shared accounts are used). A.9.3 User responsibilities To make users accountable for safeguarding their authentication information. A.9.4 System and application access control To prevent unauthorized access to systems and applications. Shell Control Box ■ Central authentication host ■ controls which remote applications or protocol features are available for a specific user. ■ enforces strong encryption methods ■ enforces strong authentication methods, ■ authenticates the users to a LDAP database (for example, Microsoft AD), ■ requires to authenticate on SCB using the personal credentials and use different credentials to access the target server, ■ uses a password vault to authenticate on the target server. A.8 Asset management A.8.1 Responsibility for assets To identify organizational assets and define appropriate protection responsibilities. A.8.2 Information classification To ensure that information receives an appropriate level of protection in accordance with its importance to the organization. A.8.3 Media handling To prevent unauthorized disclosure, modification, removal or destruction of information stored on media. A.6 Organization of information security A.6.1 Internal organization To establish a management framework to initiate and control the implementation and operation of information security within the organization. Shell Control Box ■ Creates a separate auditor layer above privileged users, segregates the role of IT maintenance and security, audits and controls the work of system administrators. syslog-ng ■ Securely transfer log messages to a logserver real-time, preventing the user (or an attacker) from manipulating the logs, ■ on the logserver, it can store the logs in encrypted and time-stamped format. A.6.2 Mobile devices and teleworking To ensure the security of teleworking and use of mobile devices. A.5 Information security policies A.5.1 Management direction for information security To provide management direction and support for information security in accordance with business requirements and relevant laws and regulations. HOW BALABIT HELPS TO COMPLY WITH ISO 27001? A.7 Human resource security A.7.1 Prior to employment To ensure that employees and contractors understand their responsibilities and are suitable for the roles for which they are considered. A.7.2 During employment To ensure that employees and contractors are aware of and fulfil their information security responsibilities. A.7.3 Termination and change of employment To protect the organization’s interests as part of the process of changing or terminating employment. ENCT2968CC261A774CC135C421F 006E4042A571324F26968CC261A77 4CC135C421F00QUW+DV7F5GO0/0 YWJVWXV8ZCAWSUBYQ+RWJOS R1HSDQCRRNETDK9KOO+W9HXV UL3PD4W9SFNTRDG88K/U5X7L2C