Compliance Challenges for Governmental Agencies

Legislation and new standards have been issued to reduce security and privacy risks associated with the nation’s most sensitive information. The Federal Information Security Management Act (FISMA), in particular, defines security standards for all federal agencies, excluding those designated for national security. The National Industrial Security Protection Operating Manual (NISPOM), developed by the Department of Defense, sets comprehensive standards for government contractors to protect classified information. The Department of Defense has also issued DoD Instruction 8500.2 which prescribes procedures for the protection of DoD information systems and networks. Additionally, the Director of Central Intelligence Directive 6/3 (DCID 6/3) provides guidance and requirements for the protection of intelligence information. This directive applies to all U.S. government agencies and their commercial contractors processing intelligence information.

At their core, these regulations share the same goals: to protect sensitive information assets, detect potential security breaches, and respond and contain incidents. Each regulation details a requirement for routine auditing of sensitive information systems to identify security threats. Specifically, covered organizations must collect, store and analyze security event data, logs, from all relevant systems. The challenge lies in the many disparate sources of data, different formats, and massive volumes.

SenSage’s Compliance Solution for Governmental Agencies

SenSage understands the unique standards and controls to which government agencies are held. Specifically, SenSage’s compliance reporting and data storage efficiencies are catered specifically to NISPOM and DCID 6/3 mandates. NISPOM’s Chapter 8 provisions for automated audit trails and analysis as well as year-long data retention are easily satisfied by the SenSage solution. Additionally, SenSage’s real-time compliance monitoring empowers agencies to adhere to the DCID 6/3 guidelines for weekly analysis of security-related activity as well as unauthorized access activity. The SenSage Government Analytics package provides government organizations and contractors a higher degree of visibility and control over sensitive systems by enabling immediate access to correlated activity related to sensitive file access and user activity on classified systems. This visibility, combined with flexible scheduling, emowers organizations by automating incident detection procedures and investigations.

As a comprehensive IT auditing and analysis solution that monitors all sensitive systems, SenSage delivers government clients a complete “data forensics tool” for security information investigations. Moreover, SenSage has the unique ability to store several years of log data online and instantly accessible. Tying this capability to SenSage’s virtually limitless storage capacity, allows organizations to collect and analyze both “allowed” and ‘disallowed” access, and in this manner, uncover sophisticated “low and slow” insider abuse attacks.

SenSage’s comprehensive surveillance capabilities also expedite return on investment as early detection, customized reporting of anomalous activity, and routine security queries across your entire data network facilitates detection of security events quickly. Furthermore, with SenSage, agencies can immediately review any associated historical log activity to help determine depth and breadth of impact when breaches and violations occur. Readily reviewing event logs and operational reports, as well as providing immediate investigation capabilities expedites the auditing process.

Taken altogether, SenSage not only meets government regulatory requirements, its collection, retention, reporting and analytical capabilities readily enable agencies to demonstrate that compliance, quickly, flexibly, and with minimum impact on resources.