ISO-27002-(17799) News

PowerTech Releases New Version of Compliance Monitor

(Oct 03, 2007)-- The PowerTech Group announced PowerTech Compliance Monitor version 2.0, a major upgrade to its software solution for regulatory compliance reporting on the IBM System i (AS/400).

With Compliance Monitor 2.0, PowerTech has added a variety of new features designed to help organizations improve the efficiency of their security compliance reporting on the System i, which, according to industry experts, is used by over 90 percent of the Fortune 1000 alone. Usually this platform is used to host sensitive and confidential data such as customer and financial records. In PowerTech's annual 2007 State of System i Security study, the company has found that the System i is typically left unsecured by a majority of organizations, simply because of improper configuration and the lack of tools. Furthering the problem is that the company has found that many auditors and IT administrators are unaware of the vulnerabilities, resulting in critical data exposures in spite of a successful IT audit, the company said.

"Many of the security controls currently put in place on the System i were designed to protect against earlier threats, while the computing and networking demands of today's enterprise require more open connectivity and targeted sharing of data within an organization and among key outside business partners," said John Earl, Vice President and Chief Technology Officer of PowerTech. "The result is that many OS/400 shops have yet to embrace the new security technologies that are available in the architecture, and so they leave their critical data exposed. Compliance Monitor 2.0 helps organizations begin to close this gap by providing a streamlined tool for identifying and reporting security issues relating to the System i vis a vis regulatory and industry compliance rules," he added.

Key new features in Compliance Monitor 2.0 include:

-- New log aggregation -- Compliance Monitor customers are now able to keep large amounts of log data online because of PowerTech's innovative log aggregation architecture that compresses log data up to 95%.

-- New Log Consolidation -- Compliance Monitor gathers log data from multiple systems and consolidates the data into a single, easy-to-use graphical interface.

-- Log Interpretation -- OS/400 audit journals are cryptic and hard to understand. Compliance Monitor translates technical log data into easy-to-understand messages that can be mapped to the COBIT, ISO17799, and PCI regulatory frameworks.

-- Integration with other PowerTech products -- The same customizable, flexible interface can now also be used to report on events from PowerTech Network Security and Authority Broker, providing one-stop shopping for all your auditing and compliance needs.

-- Streamlined report reviews -- Organizations can save on the time spent reviewing massive log reports by configuring them to only show exceptions to their policy.

-- Customizable Policy templates -- Security starts with a Policy. Compliance Monitor provides policy templates that can be customized to meet the needs of your specific environment and regulation.

Share or bookmarklet this web page at: