Security Compliance and Internal Audits

With audit requirements increasing through governmental regulations as well as internal security policies, ensuring security compliance has never been a higher priority. Our Data Security Platform helps save both time and money by reducing the frequency of internal audits, and by decreasing the effort of measuring and demonstrating compliance with internal and external audit and regulatory requirements.

Meeting the requirements for controls around networks and computers involves providing evidence that documented and actionable security controls are implemented and monitored. We provide detailed reporting that supports a comprehensive policy framework to ensure system security, manage the configuration of all computers on the network, and monitor compliance.

Designed to ensure the efficacy of controls, Section 404 of the Sarbanes-Oxley Act and similarly, the Gramm-Leach-Bliley Act, PCI and HIPAA all include provisions to protect consumers' personal data. As a result, all require compliance with security standards that include administrative and technical safeguards. Our Platform provides the breadth of required controls to ensure the availability, confidentiality and integrity of protected consumer data.

Seamless Policy Management System

Our technology platform and services program provides security policy expression, automatic deployment, monitoring and enforcement, together with reporting, alerting, containment and removal tools, but it is flexible enough to enable IT teams to manually monitor and take action if necessary. Having a human in the loop is still a pragmatic requirement and will be for a long time!

policy-cycle-img

Elemental Security Platform

Unified Policy Infrastructure – A unified framework for cross-platform security and regulatory policies spanning network traffic, operating system, users, hardware devices, applications and data.

Automated Targeting and Deployment – Dynamic grouping of computers based on user defined criteria describing the configuration, activity, and inventory of individual machines enable policies to be precisely targeted and automatically updated.

Extensive Policy Library – The Elemental Security Platform delivers more than 3000 individual security and configuration rules, plus an extensive array of editable, pre-defined policy templates for:

  • OS and application security baselines: NSA, CIS, NIST, DISA, and Microsoft
  • Regulatory requirements: SOX, PCI, HIPAA, FISMA, GLBA
  • Access controls to regulate network traffic between users, systems, and groups
  • HW / SW inventory and activity controls