Achieving Effective IT Security with Continuous ISO 27001 Compliance




WHITE PAPER
Executive Summary

ISO 27001 is recognized internationally as a structured methodology for information security and is widely used as a benchmark for protecting sensitive and private information. In this white paper, learn how with Tripwire Enterprise, organizations can quickly achieve IT configuration integrity by proactively assessing how their current configurations measure up to specifications as given in ISO 27001. Tripwire Enterprise provides organizations with powerful configuration control through its compliance policy management, change auditing, real-time analysis of change and one-touch access to remediation advice. You’ll also be introduced to Tripwire Log Center, Tripwire’s complete log and event management solution that also fulfills many controls specified in the ISO 27001 standard.

Tripwire, the leading provider of IT security and compliance automation solutions, helps organizations gain continuous compliance with regulations, standards like ISO 27001, and internal policy by helping them take control of security and compliance of their IT infrastructure. Tripwire security and compliance automation solutions include Tripwire Enterprise for configuration control and Tripwire Log Center for log and security event management. And Tripwire Customer Services can help organizations quickly maximize the value of their Tripwire technology implementation. Tripwire solutions deliver visibility across the entire IT infrastructure, intelligence to enable better and faster decisions, and automation that reduces manual, repetitive tasks.

In the increasingly regulated world of information security, uniform standards are sometimes hard to find. Numerous governmental laws and directives exist, but these typically cover specific types of data (such as the EU Data Protection Directive, PIPEDA and so forth covering sensitive personal information) or regulate a specific market sector or specific company function (such as internal controls on reporting of financial information to the public, as in Sarbanes-Oxley (SOX) and Japan’s Financial Instrument and Exchange Law, known as “JSOX”). Industry standards that are binding under a system of contracts also exist, but these are again limited to participants in a particular industry (most notably, PCI DSS for credit card merchants, members and service providers).

To what metric does an entity turn if it seeks an “umbrella”-like standard that is neither imposed by law nor specific to a certain industry? What benefits are achieved by implementing such a standard?

ISO 27001: THE UMBRELLA FOR ISMS

The one standard that cuts across all security-related operations and subject matter is the International Standards Organization’s IEC/ISO27001. The ISO 27001 standard was published in October 2005 as a replacement to the BS7799-2 standard. It is a certification standard for the creation and maintenance of an Information Security Management System (ISMS), and in that sense is more like a “globe” than a “roadmap” to information security. Organizations that seek ISO certification of their ISMS are examined against ISO 27001. The objective of the standard is to “provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving” a company’s ISMS. Its fundamental purpose is to act as a compendium of techniques for securing IT environments and thus effectively managing business risk as well as demonstrating regulatory compliance. The standard is not specific to any industry or business function.

The standard follows the four-part “Plan-Do-Check-Act” (PDCA) approach. It contains eight separate sections, the first three of which are introductory and the latter five of which outline actions to be taken:
• Section 4, Information Security Management System: the entity must identify risks, adopt an ISMS plan tailored to these risks, and monitor, review, maintain and improve the ISMS;
• Section 5, Management Responsibility: management must adopt, implement and train staff on the ISMS;
• Section 6, Internal ISMS Audits: audit the ISMS at regular intervals;
• Section 7, Management Review: assess audit results and update the risk assessment to check the effectiveness of the ISMS;
• Section 8, ISMS Improvement: utilize continuous improvement, take corrective action and adopt measures for preventative action.



  2 | WHITE PAPER | Achieving Effective IT Security with Continuous ISO 27001 Compliance
ISO 27001 does not, however, mandate specific procedures nor define the implementation techniques for gaining certification. For further implementation steps, the standard points to a set of eleven control objectives and controls that are taken from ISO 17799:2005, “Information technology—Security techniques—Code of practice for information security management.”

BENEFITS OF ADOPTING ISO 27001

ISO 27001 is recognised internationally as a structured methodology for information security and is widely used as a benchmark for protecting sensitive and private information. A widely-held opinion is that ISO 27001 is an umbrella over other requirements of law or regulation (such as JSOX, SOX and the Data Protection Directive) or contractual standards (PCI DSS) because it requires companies to review such obligations when assessing risk under section 4.2.1.b)2).

Companies that choose to adopt ISO 27001 also demonstrate their commitment to high levels of information security, as the principles of the standard sync well with the principles of the OECD Guidelines for the Security of Information Systems and Networks. It is also compatible with other management standards such as ISO 9001:2000 (Quality management systems—Requirements) and ISO 14001:2004 (Environmental management systems—Requirements with guidance for use). For these reasons, companies have adopted the standard because it works well with management principles or just makes good business sense.

In the current global marketplace, several benefits flow to a company that obtains certification to ISO 27001:
• Standardization of practice: Systems from different companies are more likely to work together if the same standard applies;
• An international standard: By complying with an international standard, management proves that they are taking due diligence in ensuring the security of their customer data. In fact, one of the stated reasons by Indian companies for certification is to demonstrate security readiness to their international customers;
• Alignment with the organisation: Fosters interdepartmental cooperation, as departments need to be in alignment in order to ensure certification;
• Alignment with industry groups: Cross-border industry groups can agree on a common standard rather than having to refer to country-specific legislation. For example, ISO 27001 is widely accepted and implemented throughout EMEA, many of whose members require their business partners to have certification before working with them;
• Alignment with governmental guidelines: Industry groups that are urged by governments to self-regulate can turn to a common standard. For example, adoption of such guidelines for privacy and security is encouraged by the Japanese government.

Tripwire Enterprise and the ISO 27001 Controls

The Tripwire Enterprise solution provides organisations with powerful configuration control through its compliance policy management, change auditing, real-time analysis of changes and one-touch access to remediation guidance. With Tripwire Enterprise, organisations can quickly achieve IT configuration integrity by proactively assessing how their current configurations measure up to specifications as given in ISO 27001. This provides organisations immediate visibility into the state of their systems, and through automation, saves time and effort over manual efforts.

For non-compliant configurations, Tripwire Enterprise reports that condition as part of its risk assessment feature and offers remediation guidance for bringing the settings into compliance. Once this state has been achieved, Tripwire’s change auditing monitors systems for changes that could affect ISO 27001 compliance, maintaining the IT infrastructure in a known and trusted state.

Tripwire Enterprise then analyzes each change in real time using ChangeIQ™ capabilities. These capabilities automatically examine each change to see if it introduces risk or non-compliance. If it does, Tripwire Enterprise flags it for immediate attention and possible remediation; if not, Tripwire Enterprise auto-promotes it. Given that the majority of changes are intentional and beneficial, this auto-promotion capability saves IT countless hours manually reviewing changes.

There are several controls that reference IT technology in ISO 27001. Not all can be tested adequately with software, or are relevant to the IT infrastructure. Tripwire Enterprise provides two means of coverage for the ISO 27001 controls: compliance policy management, which proactively assesses settings and checks that they are compliant with the controls, and change auditing, which continuously monitors settings for changes that may take them out of compliance. For settings that are not compliant, Tripwire Enterprise provides the necessary remediation steps to bring that setting back into compliance. There are some controls that Tripwire Enterprise can address by using its industry-leading change monitoring. Tripwire can monitor various levels of settings as part of the Change Management controls that are specified in the ISO 27001 standard.

HIGH PERFORMANCE LOG AND EVENT MANAGEMENT FROM TRIPWIRE

Tripwire Log Center also helps meet the log compliance requirements of ISO 27001 with ultra-efficient log management and sophisticated event management in a single, easy-to-deploy solution. When organizations combine Tripwire Log Center with Tripwire Enterprise, they broaden compliance coverage and reduce security risk by increasing visibility, intelligence and automation.




Controls addressed by Tripwire Enterprise include:
A.10   COMMUNICATIONS AND OPERATIONS MANAGEMENT
 A.10.1 – Operational Procedures and Responsibilities
 The objective of this control is to ensure the correct and secure operation of information processing facilities.

10.1.2 Change Management
  ISO 27001 requirement: Changes to information processing facilities and systems shall be controlled.
  Tripwire Enterprise: Tripwire Enterprise can monitor any changes to file systems, databases and Active Directory, providing the “what” and “who” information for any changes that were made to critical systems, thus enforcing a sound change process.

10.1.3 Segregation of duties
  ISO 27001 requirement: Duties and areas of responsibility shall be segregated to reduce opportunities for unauthorised or unintentional modifications or misuse of the organisation’s assets.
  Tripwire Enterprise: Using roles within Tripwire Enterprise, an organisation has complete control over who can have access to files, directories and critical areas within its IT infrastructure, thus preventing unauthorised or unintentional modifications of files.

10.1.4 Separation of development, test and operational facilities
  ISO 27001 requirement: Development, test and operational facilities shall be separated to reduce the risks of unauthorised access or changes to the operational system.
  Tripwire Enterprise: User groups can be developed within Tripwire Enterprise to separate the duties of individuals within those groups, restricting permissions and file access rights where necessary to reduce the risk of any unauthorised or unintentional changes to systems.




A.10.2 – Third Party Service Delivery Management
The objective of this control is to implement and maintain the appropriate level of information security and service delivery in line with third party service delivery agreements.

10.2.3 Managing changes to third party services
  ISO 27001 requirement: Changes to the provision of services, including maintaining and improving existing information security policies, procedures and controls, shall be managed, taking account of the criticality of business systems and processes involved and re-assessment of risks.
  Tripwire Enterprise: Tripwire Enterprise can monitor changes to critical systems and be aligned with applications, procedures and business systems to ensure changes don’t happen, and if they do, give visibility to those changes, thus reducing risk.

A.10.4 – Protection Against Malicious and Mobile Code
The objective of this control is to protect the integrity of software and information.

10.4.1 Controls against malicious code
  ISO 27001 requirement: Detection, prevention and recovery controls to protect against malicious code and appropriate user awareness procedures shall be implemented.
  Tripwire Enterprise: By monitoring critical files, Tripwire Enterprise can detect when edits to files have been made, who made the edits, and whether code was changed, deleted or new code added, thus creating a process around code management and reducing the risk of malicious behavior.

A.10.6 – Network Security Management
The objective of this control is to ensure the protection of information in networks and the protection of the supporting infrastructure.

10.6.1 Network Controls
  ISO 27001 requirement: Networks shall be adequately managed and controlled, in order to be protected from threats, and to maintain security for the systems and applications using the network, including information in transit.
  Tripwire Enterprise: Tripwire Enterprise provides critical assessment of network configuration settings to help maintain the ongoing security of internal systems and applications that rely upon the network. For example, ensuring that anonymous SID/name translation is disabled in the security options policy of a Windows 2003 Server. This setting prevents the null user from translating a binary SID into an actual account name, which may provide useful information that could be used in an attack.

10.6.2 Security of Network Services
  ISO 27001 requirement: Security features, service levels, and management requirements of all network services shall be identified and included in any network services agreement, whether these services are provided in-house or outsourced.
  Tripwire Enterprise: Maintaining security best practices on important network services is crucial for securing any network. Tripwire Enterprise provides ongoing assessment of network services to measure individual compliance with established best practices. For example, validating that the License Logging Service is disabled on a Windows system. This service is a license-management tool with a vulnerability that permits remote code execution. Disabling this service, as well as other unnecessary services, is a security best practice that helps limit avenues of attack.




A.10.7 – Media Handling
The objective of this control is to prevent unauthorised disclosure, modification, removal or destruction of assets, and interruption to
business activities.

10.7.1 Management of Removable Media
  ISO 27001 requirement: There should be procedures in place for the management of removable media.
  Tripwire Enterprise: An unmanaged approach to removable media can be a serious vulnerability. Tripwire Enterprise provides assurance that system configuration settings are configured to reduce common risks associated with removable media. For example, ensuring that security options on a Windows system are configured to only allow administrators to format and eject removable NTFS media.

A.10.8 – Exchange of Information
The objective of this control is to maintain the security of information and software exchanged within an organisation and with any external entity.

10.8.1 Information Exchange Policies and Procedures
  ISO 27001 requirement: Formal exchange policies, procedures and controls shall be in place to protect the exchange of information through the use of all types of communications facilities.
  Tripwire Enterprise: Compliance policy management helps to ensure that proper measures are in place to safeguard the exchange of information and eliminate unnecessary communication risks. For example, verifying that the NetMeeting Remote Desktop Sharing Service is disabled on a Windows system. This service supports NetMeeting, but may be subject to hacker attacks and buffer overflows.

10.8.5 Business Information Systems
  ISO 27001 requirement: Policies and procedures shall be developed and implemented to protect information associated with the interconnection of business information systems.
  Tripwire Enterprise: Tripwire Enterprise verifies that proper system configuration settings are used to safeguard information necessary for disparate business information systems to interconnect. For example, ensuring that strong key protection is required for user keys stored on a covered system. Strong key protection requires users to enter a password associated with a key every time they use the key. This helps prevent user keys from being compromised if a computer is stolen or hijacked.

A.10.9 – Electronic Commerce Services
The objective of this control is to ensure the security of electronic commerce services, and their secure use.

10.9.3 Publicly Available Information
  ISO 27001 requirement: The integrity of information being made available on a publicly available system shall be protected to prevent unauthorised modification.
  Tripwire Enterprise: Tripwire Enterprise provides the use of “roles” to restrict unauthorised access to important files as well as the necessary monitoring of these files, such that changes made are flagged and alerts sent to pertinent individuals.




A.10.10 – Monitoring
 The objective of this control is to detect unauthorised information processing activities.

10.10.1 Audit Logging
  ISO 27001 requirement: Audit logs recording user activities, exceptions, and information security events shall be produced and kept for an agreed period to assist in future investigations and access control monitoring.
  Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise verifies that important audit logging settings are configured to support possible audit investigations and ongoing access control monitoring.

10.10.3 Protection of Log Information
  ISO 27001 requirement: Logging facilities and log information shall be protected against tampering and unauthorised access.
  Tripwire Enterprise: Assuming that other log settings are configured correctly, a problem with logging events could indicate a security threat. The compliance policy manager in Tripwire Enterprise verifies that security options are configured to shut down a system if an event cannot be logged to the security log for any reason.

10.10.4 Administrator and Operator Logs
  ISO 27001 requirement: System administrator and system operator activities shall be logged.
  Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise verifies that application, system and security logs can be configured for necessary storage capacity. For example, the maximum size of the security log should be at least 80 MB to store an adequate amount of log data for auditing purposes.

10.10.6 Clock Synchronisation
  ISO 27001 requirement: The clocks of all relevant information processing systems within an organisation or security domain shall be synchronised with an agreed accurate time source.
  Tripwire Enterprise: For Windows systems, the compliance policy manager in Tripwire Enterprise determines if the Windows Time Service is used and that the system is configured to synchronise with a secure, authorised time source.
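Every setting named in the A.10.6 through A.10.10 rows above is readable from a Windows host, which is what makes these controls testable by software in the first place. As an added illustration that is not part of this white paper and not Tripwire’s code, the following PowerShell script performs a read-only audit of those settings on the local machine and reports the observed value next to each verdict. The service names and registry locations it uses (LicenseService, mnmsrvc, AllocateDASD, ForceKeyProtection, CrashOnAuditFail, the W32Time parameters) come from general Windows documentation rather than from the paper, and the expected values are assumptions standing in for an organisation’s own policy; it assumes PowerShell 3.0 or later in an elevated session.

```powershell
# Added example, not Tripwire's code: read-only local audit of the Windows
# settings behind the A.10.6 to A.10.10 rows above. Registry paths and service
# names are from general Windows documentation, not from the white paper; the
# expected values are assumptions standing in for an organisation's policy.
# Assumes PowerShell 3.0 or later in an elevated session. Nothing is modified.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

function Test-ServiceDisabled {
    # A service that is not installed cannot run, so "absent" counts as compliant;
    # LicenseService and mnmsrvc no longer ship with current Windows versions.
    param([string]$Name)
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$Name'"
    if ($null -eq $svc) { return @{ Pass = $true; Actual = 'not installed' } }
    $pass = ($svc.StartMode -eq 'Disabled') -and ($svc.State -ne 'Running')
    return @{ Pass = $pass; Actual = "$($svc.StartMode)/$($svc.State)" }
}

$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$w32time  = 'HKLM:\SYSTEM\CurrentControlSet\Services\W32Time\Parameters'

$checks = @(
    @{ Control = 'A.10.6.2'; Name = 'License Logging Service disabled'
       Test = { Test-ServiceDisabled -Name 'LicenseService' } }
    @{ Control = 'A.10.8.1'; Name = 'NetMeeting Remote Desktop Sharing disabled'
       Test = { Test-ServiceDisabled -Name 'mnmsrvc' } }
    @{ Control = 'A.10.7.1'; Name = 'Only Administrators may format/eject removable media'
       Test = { $v = Get-RegValue $winlogon 'AllocateDASD'   # REG_SZ "0" = Administrators only
                @{ Pass = ($v -eq '0'); Actual = $v } } }
    @{ Control = 'A.10.8.5'; Name = 'Strong key protection: password required on every use'
       Test = { $v = Get-RegValue 'HKLM:\SOFTWARE\Policies\Microsoft\Cryptography' 'ForceKeyProtection'
                @{ Pass = ($v -eq 2); Actual = $v } } }   # 2 = password required every time
    @{ Control = 'A.10.10.3'; Name = 'Shut down if security events cannot be logged'
       Test = { $v = Get-RegValue 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' 'CrashOnAuditFail'
                @{ Pass = ($v -eq 1); Actual = $v } } }
    @{ Control = 'A.10.10.4'; Name = 'Security log maximum size at least 80 MB'
       Test = { $bytes = (Get-WinEvent -ListLog Security).MaximumSizeInBytes
                @{ Pass = ($bytes -ge 80MB); Actual = ('{0} MB' -f [math]::Round($bytes / 1MB)) } } }
    @{ Control = 'A.10.10.6'; Name = 'Windows Time Service running with a time source configured'
       Test = { $svc  = Get-CimInstance -ClassName Win32_Service -Filter "Name='W32Time'"
                $type = Get-RegValue $w32time 'Type'        # NoSync | NTP | NT5DS | AllSync
                $src  = Get-RegValue $w32time 'NtpServer'
                $pass = ($svc.State -eq 'Running') -and ($type -in @('NTP', 'NT5DS', 'AllSync'))
                @{ Pass = $pass; Actual = "$($svc.State), Type=$type, NtpServer=$src" } } }
)

$results = foreach ($c in $checks) {
    $r = & $c.Test
    $status = if ($r.Pass) { 'PASS' } else { 'FAIL' }
    [pscustomobject]@{ Control = $c.Control; Check = $c.Name; Status = $status; Actual = $r.Actual }
}
$results | Format-Table -AutoSize

# Exit non-zero when any check failed so a scheduler can raise the drift as a finding.
$failed = @($results | Where-Object { $_.Status -eq 'FAIL' }).Count
exit ([int]($failed -gt 0))
```

Reporting the observed value beside the verdict is deliberate: a change-auditing workflow needs to show what drifted, not only that something did. On a domain member the time source check typically shows Type=NT5DS with no NtpServer, because the domain hierarchy is the source; on a standalone host Type=NTP with a named server is the expected shape.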


A.11   ACCESS CONTROL

 A.11.2 – User Access Management
 The objective of this control is to ensure authorised user access and to prevent unauthorised access to information systems.

11.2.2 Privilege Management
  ISO 27001 requirement: The allocation and use of privileges shall be restricted and controlled.
  Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise tests numerous privilege-related settings to ensure restrictions are in place and configured correctly. For example, Windows systems should be configured to disallow the granting of the SeTcbPrivilege right to any user. This right allows users to access the operating system in the Local System security context, which overrides the permissions granted by user group memberships.




A.11.3 – User Responsibilities
The objective of this control is to prevent unauthorised user access, and compromise or theft of information and information processing facilities.

11.3.1 Password Use
  ISO 27001 requirement: Users shall be required to follow good security practices in the selection and use of passwords.
  Tripwire Enterprise: Enforcing proper password security standards is critical to securing any system. The compliance policy manager in Tripwire Enterprise verifies that common best practices are being used for password-related properties such as complexity, minimum length and maximum age.

11.3.2 Unattended User Equipment
  ISO 27001 requirement: Users shall ensure that unattended equipment has appropriate protection.
  Tripwire Enterprise: Tripwire Enterprise verifies that each system is configured to use a password-protected screen saver that activates within the appropriate idle time and offers no grace period before password entry is required.

11.3.3 Clear Desk and Clear Screen Policy
  ISO 27001 requirement: A clear desk policy for papers and removable media and a clear screen policy for information processing facilities shall be adopted.
  Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise validates that the current user has a password-protected screen saver that is active.

A.11.4 – Network Access Control
The objective of this control is to prevent unauthorised access to networked services.

11.4.1 Policy on Use of Network Services
ISO 27001 requirement: Users shall only be provided with access to the services that they have been specifically authorised to use.
Tripwire Enterprise: Tripwire Enterprise provides a number of compliance policy management tests that help ensure proper access to services is maintained. For example, verifying that a system restricts anonymous access to named pipes and shares to those that are specifically listed in other security options. This configuration helps protect named pipes and shares from unauthorised access.

11.4.2 User Authentication for External Connections
ISO 27001 requirement: Appropriate authentication methods shall be used to control access by remote users.
Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise can help verify that proper authentication methods are in place to control access by remote users. For example, refusing to allow a remote login when a user attempts to use a blank password (even if the blank password is valid for that account).

11.4.3 Equipment Identification in Networks
ISO 27001 requirement: Automatic equipment identification shall be considered as a means to authenticate connections from specific locations and equipment.
Tripwire Enterprise: Tripwire Enterprise verifies that the security options for a Windows 2003 domain controller are configured to allow a domain member to change its computer account password. If the domain controller does not permit a domain member to change its password, the domain member computer is more vulnerable to a password attack.

11.4.4 Remote Diagnostic and Configuration Port Protection
ISO 27001 requirement: Physical and logical access to diagnostic and configuration ports shall be controlled.
Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise tests a number of remote access settings to ensure they meet established guidelines for controlling remote access. For example, verifying that the Remote Desktop Help Session Manager Service is disabled on a Windows system.

11.4.6 Network Connection Control
ISO 27001 requirement: For shared networks, the capability of users to connect to the network shall be restricted, in line with the access control policy.
Tripwire Enterprise: Tripwire Enterprise helps validate that controls are in place to enforce proper network connection restrictions on shared networks. For example, always requiring passwords and appropriate encryption levels when using Terminal Services.

11.4.7 Network Routing Control
ISO 27001 requirement: Routing controls shall be implemented for networks to ensure that computer connections and information flows do not breach the access control policy of business applications.
Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise can assist with the ongoing validation of your access control policy by verifying that proper routing controls are in place and configured correctly. For example, on a Windows system with two valid networking devices installed, it checks that source routing is not permitted, because source-routed traffic passing through such a device can spoof the device into thinking that the traffic came from a safe source.

A.11.5 – Operating System Access Control
The objective of this control is to prevent unauthorised access to operating systems.

11.5.1 Secure Log-on Procedures
ISO 27001 requirement: Access to operating systems shall be controlled by a secure log-on procedure.
Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise can assess important log-on settings to determine whether they support an overall secure log-on procedure. For example, not displaying the last valid user name and requiring the use of the CTRL+ALT+DEL keys to force the use of the Windows authentication process.

11.5.2 User Identification and Authentication
ISO 27001 requirement: All users shall have a unique identifier (user ID) for their personal use only, and a suitable authentication technique shall be chosen to substantiate the claimed identity of a user.
Tripwire Enterprise: Proper authentication of user IDs is a fundamental component of controlling operating system access. Tripwire Enterprise provides critical tests to assess authentication settings. For example, verifying that the LAN Manager authentication model for a Windows system is configured correctly so it will only send NTLMv2 authentication and refuse all LM authentication challenges.

11.5.3 Password Management System
ISO 27001 requirement: Systems for managing passwords shall be interactive and ensure quality passwords.
Tripwire Enterprise: Ensuring quality passwords requires proper configuration of password-related settings. Tripwire Enterprise can assess these settings and provide assurance that all passwords being used meet minimum quality requirements. For example, enforcing the use of strong passwords and restricting password reuse/history.

11.5.4 Use of System Utilities
ISO 27001 requirement: The use of utility programs that might be capable of overriding system and application controls shall be restricted and tightly controlled.
Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise can help maintain a strict policy on the use of utility programs. For example, verifying that the FTP Publishing Service and TFTP Daemon Service are both disabled, or that the SeDebugPrivilege right is not assigned to any users on a Windows system. This right gives users the ability to debug any process on the system and is susceptible to exploits that collect account names, passwords, and other sensitive data from the Local Security Authority (LSA).

11.5.5 Session Time-Out
ISO 27001 requirement: Inactive sessions shall shut down after a defined period of inactivity.
Tripwire Enterprise: Tripwire Enterprise will verify that an appropriate idle session time-out is established. In the case of Windows systems that communicate using the Server Message Block (SMB) protocol, the compliance policy manager in Tripwire Enterprise will test that the idle session timeout threshold is set to 15 minutes or less.

11.5.6 Limitation of Connection Time
ISO 27001 requirement: Restrictions on connection times shall be used to provide additional security for high-risk applications.
Tripwire Enterprise: There are a number of ways to restrict connection times as part of an enhanced security protocol for high-risk applications. Tripwire Enterprise can determine if best practices are being used, such as setting appropriate time limits for Terminal Services sessions and using Group Policy to restrict connections to designated hours of the day.

A.11.6 – Application and Information Access Control
The objective of this control is to prevent unauthorised access to information held in application systems.

11.6.1 Information Access Restriction
ISO 27001 requirement: Access to information and application systems functions by users and support personnel shall be restricted in accordance with the defined access control policy.
Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise provides out-of-the-box tests that help establish an acceptable information access control policy. For example, ensuring that critical file and registry permissions have been set properly to restrict access.

A.11.7 – Mobile Computing and Telecommuting
The objective of this control is to ensure information security when using mobile computing and telecommuting facilities.

11.7.1 Mobile Computing and Communications
ISO 27001 requirement: A formal policy shall be in place, and appropriate security measures shall be adopted to protect against the risks of using mobile computing and communications facilities.
Tripwire Enterprise: Mobile computing and related communications pose unique risks that necessitate additional security measures. The compliance policy manager in Tripwire Enterprise can help mitigate these risks by determining if established best practices are in use. For example, verifying that Windows systems are configured to negotiate signed communications with any Server Message Block (SMB) server. By supporting mutual authentication and protection against packet tampering, signed communication helps to protect against man-in-the-middle attacks.
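The A.11 checks described above, from the SeTcbPrivilege and SeDebugPrivilege rights through the SMB idle timeout and SMB signing, can be expressed as a small policy engine. The following is an added example, not Tripwire Enterprise's code: it evaluates a constructed secedit-style export and a constructed registry snapshot, and the numeric thresholds (minimum length 12, history 24, 15-minute timeouts) and the service short names RDSessMgr and MSFtpsvc are assumptions.

```python
# Policy tests modelled on the A.11 checks above; all inputs are constructed sample data.
import configparser
from typing import Any, NamedTuple


class Result(NamedTuple):
    control: str    # ISO 27001 subsection the test supports
    test: str
    passed: bool
    observed: Any


# Constructed `secedit /export`-style INF fragment, not taken from a real host.
SECEDIT_EXPORT = """\
[System Access]
MinimumPasswordLength = 14
PasswordComplexity = 1
MaximumPasswordAge = 90
PasswordHistorySize = 24
[Privilege Rights]
SeTcbPrivilege =
SeDebugPrivilege = *S-1-5-32-544
"""

LSA = r"HKLM\SYSTEM\CurrentControlSet\Control\Lsa"
SVC = r"HKLM\SYSTEM\CurrentControlSet\Services"
POL = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"
DESK = r"HKCU\Control Panel\Desktop"
GRACE = r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\ScreenSaverGracePeriod"

# Constructed registry snapshot (value path -> data). The service short names
# RDSessMgr and MSFtpsvc are assumptions; Start = 4 means the service is disabled.
REGISTRY = {
    LSA + r"\LmCompatibilityLevel": 3,              # deliberately non-compliant
    LSA + r"\LimitBlankPasswordUse": 1,
    SVC + r"\LanmanServer\Parameters\AutoDisconnect": 15,
    SVC + r"\LanmanServer\Parameters\RestrictNullSessAccess": 1,
    SVC + r"\LanmanWorkstation\Parameters\EnableSecuritySignature": 1,
    SVC + r"\Tcpip\Parameters\DisableIPSourceRouting": 2,
    SVC + r"\RDSessMgr\Start": 4,
    SVC + r"\MSFtpsvc\Start": 2,                    # deliberately non-compliant
    POL + r"\DontDisplayLastUserName": 1,
    POL + r"\DisableCAD": 0,
    GRACE: "0",
    DESK + r"\ScreenSaveActive": "1",
    DESK + r"\ScreenSaverIsSecure": "1",
    DESK + r"\ScreenSaveTimeOut": "600",            # seconds
}


def parse_secedit(text: str) -> configparser.ConfigParser:
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep setting names case-sensitive
    cp.read_string(text)
    return cp

def holders(policy: configparser.ConfigParser, right: str) -> list:
    """Accounts/SIDs granted a user right; an empty list means nobody holds it."""
    raw = policy.get("Privilege Rights", right, fallback="")
    return [s.strip() for s in raw.split(",") if s.strip()]

def run_checks(secedit_text: str, reg: dict) -> list:
    pol = parse_secedit(secedit_text)
    sa = pol["System Access"]
    g = reg.get
    # (control, test, observed value, pass predicate); numeric thresholds are assumed.
    checks = [
        ("11.2.2", "SeTcbPrivilege assigned to nobody", holders(pol, "SeTcbPrivilege"), lambda v: v == []),
        ("11.3.1", "MinimumPasswordLength >= 12", sa.getint("MinimumPasswordLength"), lambda v: v >= 12),
        ("11.3.1", "PasswordComplexity enabled", sa.getint("PasswordComplexity"), lambda v: v == 1),
        ("11.3.1", "MaximumPasswordAge 1..90 days", sa.getint("MaximumPasswordAge"), lambda v: 1 <= v <= 90),
        ("11.3.2", "Screen saver active and password protected",
         (g(DESK + r"\ScreenSaveActive"), g(DESK + r"\ScreenSaverIsSecure")), lambda v: v == ("1", "1")),
        ("11.3.2", "Screen saver timeout <= 15 min", int(g(DESK + r"\ScreenSaveTimeOut", "0")), lambda v: 0 < v <= 900),
        ("11.3.2", "No screen saver grace period", g(GRACE), lambda v: v == "0"),
        ("11.4.1", "Anonymous access to pipes/shares restricted",
         g(SVC + r"\LanmanServer\Parameters\RestrictNullSessAccess"), lambda v: v == 1),
        ("11.4.2", "Blank passwords limited to console logon", g(LSA + r"\LimitBlankPasswordUse"), lambda v: v == 1),
        ("11.4.4", "Remote Desktop Help Session Manager disabled", g(SVC + r"\RDSessMgr\Start"), lambda v: v == 4),
        ("11.4.7", "IP source routing disabled", g(SVC + r"\Tcpip\Parameters\DisableIPSourceRouting"), lambda v: v == 2),
        ("11.5.1", "Last user name not displayed", g(POL + r"\DontDisplayLastUserName"), lambda v: v == 1),
        ("11.5.1", "CTRL+ALT+DEL required", g(POL + r"\DisableCAD"), lambda v: v == 0),
        ("11.5.2", "LmCompatibilityLevel >= 4 (NTLMv2 only, refuse LM)",
         g(LSA + r"\LmCompatibilityLevel"), lambda v: v is not None and v >= 4),
        ("11.5.3", "PasswordHistorySize >= 24", sa.getint("PasswordHistorySize"), lambda v: v >= 24),
        ("11.5.4", "SeDebugPrivilege assigned to nobody", holders(pol, "SeDebugPrivilege"), lambda v: v == []),
        ("11.5.4", "FTP Publishing Service disabled", g(SVC + r"\MSFtpsvc\Start"), lambda v: v == 4),
        ("11.5.5", "SMB AutoDisconnect 1..15 min",
         g(SVC + r"\LanmanServer\Parameters\AutoDisconnect"), lambda v: v is not None and 1 <= v <= 15),
        ("11.7.1", "SMB client signing negotiated",
         g(SVC + r"\LanmanWorkstation\Parameters\EnableSecuritySignature"), lambda v: v == 1),
    ]
    return [Result(c, t, bool(ok(v)), v) for c, t, v, ok in checks]

def failed_tests(results: list) -> list:
    """Names of the tests that did not pass; empty means the host is compliant with this policy."""
    return [r.test for r in results if not r.passed]
```

On the constructed data the engine flags three findings: the LAN Manager level still accepts LM, SeDebugPrivilege is assigned to the Administrators SID, and the FTP Publishing Service is not disabled.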




A.12 INFORMATION SYSTEMS ACQUISITION, DEVELOPMENT AND MAINTENANCE

A.12.2 – Correct Processing in Applications
The objective of this control is to prevent errors, loss, unauthorised modifications or misuse of information in applications.

12.2.2 Control of Internal Processing
ISO 27001 requirement: Validation checks shall be incorporated into applications to detect any corruption of information through processing errors or deliberate acts.
Tripwire Enterprise: By monitoring changes that occur within applications, Tripwire Enterprise can detect any changes to critical files, and monitor who may have introduced errors that caused file corruption.

A.12.4 – Security of System Files
The objective of this control is to ensure the security of system files.

12.4.1 Control of Operational Software
ISO 27001 requirement: There shall be procedures in place to control the installation of software on operational systems.
Tripwire Enterprise: Tripwire Enterprise can detect changes to the operating system, which includes new software installations, when it was installed, and who performed the installation. Tripwire Enterprise can also be incorporated with change ticketing systems authorising these installations, showing that status.

A.12.5 – Security in Development and Support Process
The objective of this control is to maintain the security of application system software and information.

12.5.1 Change Control Procedures
ISO 27001 requirement: The implementation of changes shall be controlled by the use of formal change control procedures.
Tripwire Enterprise: Tripwire Enterprise is the industry leader in change audit and detection and should be an integral part of any formal change control procedure. Tripwire Enterprise is also integrated with major change ticketing systems to help control formal change processes.

12.5.2 Technical Review of Applications after Operating System Changes
ISO 27001 requirement: When operating systems are changed, business critical applications shall be reviewed and tested to ensure there is no adverse impact on organisational operations or security.
Tripwire Enterprise: Tripwire Enterprise provides several reports around changes to systems, as well as links within these reports that can show specific systems that changed, as well as who made the changes. These reports provide a documented audit trail that can be reviewed and approved to prevent potential problems.

12.5.3 Restrictions on Changes to Software Packages
ISO 27001 requirement: Modifications to software packages shall be discouraged, limited to necessary changes, and all changes shall be strictly controlled.
Tripwire Enterprise: Tripwire Enterprise monitors all changes that happen on defined systems, providing information on whether files have been modified, added or deleted. Having Tripwire Enterprise ensures change is monitored and controlled.




A.13   INFORMATION SECURITY INCIDENT MANAGEMENT

 A.13.2 – Management of Information Security Incidents and Improvements
 The objective of this control is to ensure a consistent and effective approach is applied to the management of information security
 incidents.

13.2.3 Collection of Evidence
ISO 27001 requirement: Where a follow-up action against a person or organisation after an information security incident involves legal action (either civil or criminal), evidence shall be collected, retained and presented to conform to the rules for evidence laid down in the relevant jurisdiction(s).
Tripwire Enterprise: As part of the audit trail and reporting capabilities within Tripwire Enterprise, changes that are made to systems that could provide potential vulnerabilities or security incidents can be documented, providing information as to the person(s) responsible for any breaches in security.



A.15   COMPLIANCE

 A.15.2 - Compliance with Security Policies and Standards, and Technical Compliance
 The objective of this control is to ensure compliance of systems with organisational security policies and standards.

15.2.2 Technical Compliance Checking
ISO 27001 requirement: Information systems shall be regularly checked for compliance with security implementation standards.
Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise validates that each Windows 2003 Server has the latest service pack installed.

 A.15.3 – Information Systems Audit and Considerations
 The objective of this control is to maximise the effectiveness of and to minimise interference to/from the information systems audit
 process.

15.3.1 Information Systems Audit Controls
ISO 27001 requirement: Audit requirements and activities involving checks on operational systems shall be carefully planned and agreed to minimise the risk of disruptions to business processes.
Tripwire Enterprise: Tripwire Enterprise provides documented audit proof behind system compliance, as well as changes that happen with IT systems. By incorporating Tripwire Enterprise in the change management process, changes are monitored and documented, and if changes disrupt business processes, they can be immediately reconciled and remediated.

15.3.2 Protection of Information Systems Audit Tools
ISO 27001 requirement: Access to information systems audit tools shall be protected to prevent any possible misuse or compromise.
Tripwire Enterprise: By using Roles and User Groups in Tripwire Enterprise, access to privileged information and software like Tripwire Enterprise can be controlled/limited to users who have proper permissions. Tripwire Enterprise requires installation by a user with Administrative privileges. Users of Tripwire Enterprise can then be set up to have either full access, just read access, or several variances in between.




Sample Policy Test and Change Audit Screenshots from Tripwire Enterprise




Screenshot showing assessments that address the Communication and Operations Management control. Specifically, section A.10.6.2, Security of Network Services. This section checks that services that don't need to be enabled are specifically disabled.

Screenshot showing assessments that address the Access Control section of ISO 27001. Specifically, section A.11.6, Operating System Access Control. These controls deal with permissions and authentication processes within the operating system.




Screenshot showing assessments that address the Compliance control. Specifically, section A.15.2.2, Technical Compliance Checking. This is a check that the appropriate packages are installed for that system.

Screenshot showing default role types in Tripwire Enterprise with different access rights and permissions described, depending on the role. New roles can be created and permissions set up accordingly.




Tripwire Enterprise Change Process Compliance report, highlighting authorized vs. unauthorized changes to a system.

Tripwire Enterprise Detailed Changes report showing detailed information on what changes were made, when they occurred and who made the changes.




The Nodes With Changes report shows which systems had changes, when they occurred and other details.








ABOUT TRIPWIRE
      Tripwire is the leading global provider of IT security and compliance automation solutions that help businesses and
      government agencies take control of their entire IT infrastructure. Over 7,000 customers in more than 86 countries
      rely on Tripwire’s integrated solutions. Tripwire VIA™, the comprehensive suite of industry-leading file integrity, policy
      compliance and log and event management solutions, is the way organizations proactively prove continuous compliance,
      mitigate risk, and achieve operational control through Visibility, Intelligence and Automation. Learn more at tripwire.com.




©2010 Tripwire, Inc. | Tripwire is a registered trademark of Tripwire, Inc. All other product and company names are property of their respective owners. All rights reserved. | WP2714a

TOGAF 9 - Security Architecture Ver1 0
 
Enterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to auditEnterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to audit
 
Why should I do SOC2?
Why should I do SOC2?Why should I do SOC2?
Why should I do SOC2?
 
Information security governance
Information security governanceInformation security governance
Information security governance
 
ISO 27001 Information Security Management Systems Trends and Developments
ISO 27001 Information Security Management Systems Trends and DevelopmentsISO 27001 Information Security Management Systems Trends and Developments
ISO 27001 Information Security Management Systems Trends and Developments
 
Chapter 10 security standart
Chapter 10 security standartChapter 10 security standart
Chapter 10 security standart
 
TrustedAgent GRC for Vulnerability Management
TrustedAgent GRC for Vulnerability ManagementTrustedAgent GRC for Vulnerability Management
TrustedAgent GRC for Vulnerability Management
 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security program
 
Integrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-EffectivenessIntegrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-Effectiveness
 
How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation? How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation?
 
CISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | InfosectrainCISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | Infosectrain
 
Gpc case study_eng_0221
Gpc case study_eng_0221Gpc case study_eng_0221
Gpc case study_eng_0221
 
ISO 27005 - Digital Trust Framework
ISO 27005 - Digital Trust FrameworkISO 27005 - Digital Trust Framework
ISO 27005 - Digital Trust Framework
 

Semelhante a Achieving Effective IT Security with Continuous ISO 27001 Compliance

Tripwire Iso 27001 Wp
Tripwire Iso 27001 WpTripwire Iso 27001 Wp
Tripwire Iso 27001 Wpketanaagja
 
Valiente Balancing It SecurityCompliance, Complexity & Cost
Valiente Balancing It SecurityCompliance, Complexity & CostValiente Balancing It SecurityCompliance, Complexity & Cost
Valiente Balancing It SecurityCompliance, Complexity & CostGuardEra Access Solutions, Inc.
 
20220911-ISO27000-SecurityStandards.pptx
20220911-ISO27000-SecurityStandards.pptx20220911-ISO27000-SecurityStandards.pptx
20220911-ISO27000-SecurityStandards.pptxSuman Garai
 
Planning for-and implementing ISO 27001
Planning for-and implementing ISO 27001Planning for-and implementing ISO 27001
Planning for-and implementing ISO 27001Yerlin Sturdivant
 
ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013  An Overview ISO/IEC 27001:2013  An Overview
ISO/IEC 27001:2013 An Overview Ahmed Riad .
 
Whitepaper iso 27001_isms | All about ISO 27001
Whitepaper iso 27001_isms | All about ISO 27001Whitepaper iso 27001_isms | All about ISO 27001
Whitepaper iso 27001_isms | All about ISO 27001Chandan Singh Ghodela
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxDr Madhu Aman Sharma
 
G12: Implementation to Business Value
G12: Implementation to Business ValueG12: Implementation to Business Value
G12: Implementation to Business ValueHyTrust
 
UL DQS India News Letter - iSeeek jun_2014
UL DQS India News Letter - iSeeek jun_2014UL DQS India News Letter - iSeeek jun_2014
UL DQS India News Letter - iSeeek jun_2014DQS India
 
ISO27k ISMS implementation and certification process overview v2.pptx
ISO27k ISMS implementation and certification process overview v2.pptxISO27k ISMS implementation and certification process overview v2.pptx
ISO27k ISMS implementation and certification process overview v2.pptxNapoleon NV
 
NQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA
 
NQA - ISO 27001 Implementation Guide
NQA - ISO 27001 Implementation GuideNQA - ISO 27001 Implementation Guide
NQA - ISO 27001 Implementation GuideNA Putra
 
zSecurity_L9_Standards and Policies.ppt
zSecurity_L9_Standards and Policies.pptzSecurity_L9_Standards and Policies.ppt
zSecurity_L9_Standards and Policies.pptssuser45a8a6
 
Auditing Information Security Management System Using ISO 27001 2013
Auditing Information Security Management System Using ISO 27001 2013Auditing Information Security Management System Using ISO 27001 2013
Auditing Information Security Management System Using ISO 27001 2013Andrea Porter
 
Integrating sms and isms
Integrating sms and ismsIntegrating sms and isms
Integrating sms and ismsSeptafiansyah P
 

Semelhante a Achieving Effective IT Security with Continuous ISO 27001 Compliance (20)

Tripwire Iso 27001 Wp
Tripwire Iso 27001 WpTripwire Iso 27001 Wp
Tripwire Iso 27001 Wp
 
Valiente Balancing It SecurityCompliance, Complexity & Cost
Valiente Balancing It SecurityCompliance, Complexity & CostValiente Balancing It SecurityCompliance, Complexity & Cost
Valiente Balancing It SecurityCompliance, Complexity & Cost
 
Iso 27001 awareness
Iso 27001 awarenessIso 27001 awareness
Iso 27001 awareness
 
20220911-ISO27000-SecurityStandards.pptx
20220911-ISO27000-SecurityStandards.pptx20220911-ISO27000-SecurityStandards.pptx
20220911-ISO27000-SecurityStandards.pptx
 
Planning for-and implementing ISO 27001
Planning for-and implementing ISO 27001Planning for-and implementing ISO 27001
Planning for-and implementing ISO 27001
 
Infosec Audit Lecture_4
Infosec Audit Lecture_4Infosec Audit Lecture_4
Infosec Audit Lecture_4
 
ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013  An Overview ISO/IEC 27001:2013  An Overview
ISO/IEC 27001:2013 An Overview
 
Unit 4 standards.ppt
Unit 4 standards.pptUnit 4 standards.ppt
Unit 4 standards.ppt
 
Whitepaper iso 27001_isms | All about ISO 27001
Whitepaper iso 27001_isms | All about ISO 27001Whitepaper iso 27001_isms | All about ISO 27001
Whitepaper iso 27001_isms | All about ISO 27001
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 Introduction
 
Ebsl Technologies It Operations Internal Presentation
Ebsl Technologies It Operations Internal PresentationEbsl Technologies It Operations Internal Presentation
Ebsl Technologies It Operations Internal Presentation
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptx
 
G12: Implementation to Business Value
G12: Implementation to Business ValueG12: Implementation to Business Value
G12: Implementation to Business Value
 
UL DQS India News Letter - iSeeek jun_2014
UL DQS India News Letter - iSeeek jun_2014UL DQS India News Letter - iSeeek jun_2014
UL DQS India News Letter - iSeeek jun_2014
 
ISO27k ISMS implementation and certification process overview v2.pptx
ISO27k ISMS implementation and certification process overview v2.pptxISO27k ISMS implementation and certification process overview v2.pptx
ISO27k ISMS implementation and certification process overview v2.pptx
 
NQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation Guide
 
NQA - ISO 27001 Implementation Guide
NQA - ISO 27001 Implementation GuideNQA - ISO 27001 Implementation Guide
NQA - ISO 27001 Implementation Guide
 
zSecurity_L9_Standards and Policies.ppt
zSecurity_L9_Standards and Policies.pptzSecurity_L9_Standards and Policies.ppt
zSecurity_L9_Standards and Policies.ppt
 
Auditing Information Security Management System Using ISO 27001 2013
Auditing Information Security Management System Using ISO 27001 2013Auditing Information Security Management System Using ISO 27001 2013
Auditing Information Security Management System Using ISO 27001 2013
 
Integrating sms and isms
Integrating sms and ismsIntegrating sms and isms
Integrating sms and isms
 

Mais de Tripwire

Mind the Cybersecurity Gap - Why Compliance Isn't Enough
Mind the Cybersecurity Gap - Why Compliance Isn't EnoughMind the Cybersecurity Gap - Why Compliance Isn't Enough
Mind the Cybersecurity Gap - Why Compliance Isn't EnoughTripwire
 
Data Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data PrivacyData Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data PrivacyTripwire
 
Key Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsKey Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsTripwire
 
Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire
 
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire
 
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through Tripwire
 
Tripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase ColeTripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase ColeTripwire
 
Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire
 
World Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest CelebrationWorld Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest CelebrationTripwire
 
Tripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key FindingsTripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key FindingsTripwire
 
Key Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact ReportKey Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact ReportTripwire
 
The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!Tripwire
 
Industrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT CollaborationIndustrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT CollaborationTripwire
 
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...Tripwire
 
Tripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key FindingsTripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key FindingsTripwire
 
A Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber MomentsA Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber MomentsTripwire
 
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTime for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTripwire
 
Tripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key FindingsTripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key FindingsTripwire
 
Defend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK FrameworkDefend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK FrameworkTripwire
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksTripwire
 

Mais de Tripwire (20)

Mind the Cybersecurity Gap - Why Compliance Isn't Enough
Mind the Cybersecurity Gap - Why Compliance Isn't EnoughMind the Cybersecurity Gap - Why Compliance Isn't Enough
Mind the Cybersecurity Gap - Why Compliance Isn't Enough
 
Data Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data PrivacyData Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data Privacy
 
Key Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsKey Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The Experts
 
Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo
 
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale Peterson
 
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
 
Tripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase ColeTripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase Cole
 
Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller
 
World Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest CelebrationWorld Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest Celebration
 
Tripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key FindingsTripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key Findings
 
Key Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact ReportKey Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact Report
 
The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!
 
Industrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT CollaborationIndustrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT Collaboration
 
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
 
Tripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key FindingsTripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key Findings
 
A Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber MomentsA Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber Moments
 
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTime for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
 
Tripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key FindingsTripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key Findings
 
Defend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK FrameworkDefend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK Framework
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber Attacks
 

Último

COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?IES VE
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 

Último (20)

COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 

compliance with regulations, standards like ISO 27001, and internal policy by helping them take control of the security and compliance of their IT infrastructure. Tripwire security and compliance automation solutions include Tripwire Enterprise for configuration control and Tripwire Log Center for log and security event management. Tripwire Customer Services can help organizations quickly maximize the value of their Tripwire technology implementation. Tripwire solutions deliver visibility across the entire IT infrastructure, intelligence to enable better and faster decisions, and automation that reduces manual, repetitive tasks.

In the increasingly regulated world of information security, uniform standards are sometimes hard to find. Numerous governmental laws and directives exist, but these typically cover specific types of data (such as the EU Data Protection Directive, PIPEDA and so forth, covering sensitive personal information) or regulate a specific market sector or company function (such as internal controls on the reporting of financial information to the public, as in Sarbanes-Oxley (SOX) and Japan's Financial Instruments and Exchange Law, known as "JSOX"). Industry standards that are binding under a system of contracts also exist, but these are again limited to participants in a particular industry (most notably PCI DSS for credit card merchants, members and service providers). To what metric does an entity turn if it seeks an "umbrella"-like standard that is neither imposed by law nor specific to a certain industry? What benefits are achieved by implementing such a standard?

The standard's fundamental purpose is to act as a compendium of techniques for securing IT environments and thus effectively managing business risk as well as demonstrating regulatory compliance. The standard is not specific to any industry or business function.

The standard follows the four-part "Plan-Do-Check-Act" (PDCA) approach. It contains eight sections, the first three of which are introductory and the latter five of which outline actions to be taken:

• Section 4: Information Security Management System. The entity must identify risks, adopt an ISMS plan tailored to these risks, and monitor, review, maintain and improve the ISMS
• Section 5: Management Responsibility. Management must adopt, implement and train staff on the ISMS
• Section 6: Internal ISMS Audits. Audit the ISMS at regular intervals
• Section 7: Management Review. Assess audit results and update the risk assessment to check the effectiveness of the ISMS
• Section 8: ISMS Improvement. Utilize continuous improvement, take corrective action and adopt measures for preventive action.

The clause numbering above is that of ISO/IEC 27001:2005. The 2013 and 2022 revisions restructured the standard into clauses 4 to 10 and dropped the explicit PDCA wording, so section references differ in current editions.
ISO 27001 does not, however, mandate specific procedures nor define the implementation techniques for gaining certification. For further implementation steps, the standard points to a set of eleven control objectives and controls that are taken from ISO 17799:2005, "Information technology—Security techniques—Code of practice for information security management."

BENEFITS OF ADOPTING ISO 27001

ISO 27001 is recognised internationally as a structured methodology for information security and is widely used as a benchmark for protecting sensitive and private information. A widely-held opinion is that ISO 27001 is an umbrella over other requirements of law or regulation (such as JSOX, SOX and the Data Protection Directive) or contractual standards (PCI DSS) because it requires companies to review such obligations when assessing risk under section 4.2.1 b) 2).

Companies that choose to adopt ISO 27001 also demonstrate their commitment to high levels of information security, as the principles of the standard align well with the principles of the OECD Guidelines for the Security of Information Systems and Networks. It is also compatible with other management standards such as ISO 9001:2000 (Quality management systems—Requirements) and ISO 14001:2004 (Environmental management systems—Requirements with guidance for use). For these reasons, companies have adopted the standard because it works well with management principles or simply makes good business sense.

In the current global marketplace, several benefits flow to a company that obtains certification to ISO 27001:

• Standardization of practice: Systems from different companies are more likely to work together if the same standard applies;
• An international standard: By complying with an international standard, management demonstrates due diligence in ensuring the security of their customer data. In fact, one of the stated reasons given by Indian companies for certification is to demonstrate security readiness to their international customers;
• Alignment with the organisation: Fosters interdepartmental cooperation, as departments need to be in alignment in order to ensure certification;
• Alignment with industry groups: Cross-border industry groups can agree on a common standard rather than having to refer to country-specific legislation. For example, ISO 27001 is widely accepted and implemented throughout EMEA, many of whose members require their business partners to have certification before working with them;
• Alignment with governmental guidelines: Industry groups that are urged by governments to self-regulate can turn to a common standard. For example, adoption of such guidelines for privacy and security is encouraged by the Japanese government.

Tripwire Enterprise and the ISO 27001 Controls

The Tripwire Enterprise solution provides organisations with powerful configuration control through its compliance policy management, change auditing, real-time analysis of changes and one-touch access to remediation guidance. With Tripwire Enterprise, organisations can quickly achieve IT configuration integrity by proactively assessing how their current configurations measure up to specifications as given in ISO 27001. This provides organisations immediate visibility into the state of their systems and, through automation, saves time and effort over a manual effort.

For non-compliant configurations, Tripwire Enterprise reports that condition as part of its risk assessment feature and offers remediation guidance for bringing the settings into compliance. Once this state has been achieved, Tripwire's change auditing monitors systems for changes that could affect ISO 27001 compliance, maintaining the IT infrastructure in a known and trusted state.

Tripwire Enterprise then analyzes each change in real time using ChangeIQ™ capabilities. These capabilities automatically examine each change to see if it introduces risk or non-compliance. If it does, Tripwire Enterprise flags it for immediate attention and possible remediation; if not, Tripwire Enterprise auto-promotes it. Given that the majority of changes are intentional and beneficial, this auto-promotion capability saves IT countless hours of manually reviewing changes.

There are several controls that reference IT technology in ISO 27001. Not all can be tested adequately with software, or are relevant to the IT infrastructure. Tripwire Enterprise provides two means of coverage for the ISO 27001 controls: compliance policy management, which proactively assesses settings and checks that they are compliant with the controls, and change auditing, which continuously monitors settings for changes that may take them out of compliance. For settings that are not compliant, Tripwire Enterprise provides the necessary remediation steps to bring that setting back into compliance. There are some controls that Tripwire Enterprise can address by using its industry-leading change monitoring. Tripwire can monitor various levels of settings as part of the Change Management controls that are specified in the ISO 27001 standard.

HIGH PERFORMANCE LOG AND EVENT MANAGEMENT FROM TRIPWIRE

Tripwire Log Center also helps meet the log compliance requirements of ISO 27001 with ultra-efficient log management and sophisticated event management in a single, easy-to-deploy solution. When organizations combine Tripwire Log Center with Tripwire Enterprise, they broaden compliance coverage and reduce security risk by increasing visibility, intelligence and automation.

Controls addressed by Tripwire Enterprise include:

A.10 COMMUNICATIONS AND OPERATIONS MANAGEMENT

A.10.1 – Operational Procedures and Responsibilities
The objective of this control is to ensure the correct and secure operation of information processing facilities.

10.1.2 Change Management
  ISO 27001 requirement: Changes to information processing facilities and systems shall be controlled.
  Tripwire Enterprise: Tripwire Enterprise can monitor any changes to file systems, databases and Active Directory, providing the "what" and "who" information for any changes that were made to critical systems, thus enforcing a sound change process.

10.1.3 Segregation of duties
  ISO 27001 requirement: Duties and areas of responsibility shall be segregated to reduce opportunities for unauthorised or unintentional modification or misuse of the organisation's assets.
  Tripwire Enterprise: Using roles within Tripwire Enterprise, an organisation has control over who can have access to files, directories and critical areas within the IT infrastructure, thus preventing unauthorised or unintentional modifications of files.

10.1.4 Separation of development, test and operational facilities
  ISO 27001 requirement: Development, test and operational facilities shall be separated to reduce the risks of unauthorised access or changes to the operational system.
  Tripwire Enterprise: User groups can be defined within Tripwire Enterprise to separate the duties of individuals within those groups, restricting permissions and file access rights where necessary to reduce the risk of any unauthorised or unintentional changes to systems.
A.10.2 – Third Party Service Delivery Management
The objective of this control is to implement and maintain the appropriate level of information security and service delivery in line with third party service delivery agreements.

10.2.3 Managing changes to third party services
  ISO 27001 requirement: Changes to the provision of services, including maintaining and improving existing information security policies, procedures and controls, shall be managed, taking account of the criticality of the business systems and processes involved and re-assessment of risks.
  Tripwire Enterprise: Tripwire Enterprise can monitor changes to critical systems and be aligned with applications, procedures and business systems so that unexpected changes do not go unnoticed; when changes do happen, it gives visibility into them, thus reducing risk.

A.10.4 – Protection Against Malicious and Mobile Code
The objective of this control is to protect the integrity of software and information.

10.4.1 Controls against malicious code
  ISO 27001 requirement: Detection, prevention and recovery controls to protect against malicious code and appropriate user awareness procedures shall be implemented.
  Tripwire Enterprise: By monitoring critical files, Tripwire Enterprise can detect when edits to files have been made, who made the edits, and whether code was changed, deleted or added, thus creating a process around code management and reducing the risk of malicious behavior.

A.10.6 – Network Security Management
The objective of this control is to ensure the protection of information in networks and the protection of the supporting infrastructure.

10.6.1 Network Controls
  ISO 27001 requirement: Networks shall be adequately managed and controlled, in order to be protected from threats, and to maintain security for the systems and applications using the network, including information in transit.
  Tripwire Enterprise: Tripwire Enterprise provides critical assessment of network configuration settings to help maintain the ongoing security of internal systems and applications that rely upon the network. For example, ensuring that anonymous SID/name translation is disabled in the security options policy of a Windows Server 2003 system. This setting prevents the null (anonymous) user from translating a binary SID into an actual account name, which would hand an attacker useful reconnaissance (the real name of the built-in Administrator account, for instance, even after it has been renamed).

10.6.2 Security of Network Services
  ISO 27001 requirement: Security features, service levels, and management requirements of all network services shall be identified and included in any network services agreement, whether these services are provided in-house or outsourced.
  Tripwire Enterprise: Maintaining security best practices on important network services is crucial for securing any network. Tripwire Enterprise provides ongoing assessment of network services to measure individual compliance with established best practices. For example, validating that the License Logging Service is disabled on a Windows system. This service is a license-management tool with a known vulnerability that permits remote code execution. Disabling this service, as well as other unnecessary services, is a security best practice that helps limit avenues of attack.
A.10.7 – Media Handling
The objective of this control is to prevent unauthorised disclosure, modification, removal or destruction of assets, and interruption to business activities.

10.7.1 Management of Removable Media
  ISO 27001 requirement: There should be procedures in place for the management of removable media.
  Tripwire Enterprise: An unmanaged approach to removable media can be a serious vulnerability. Tripwire Enterprise provides assurance that system configuration settings are configured to reduce common risks associated with removable media. For example, ensuring that security options on a Windows system are configured to only allow administrators to format and eject removable NTFS media.

A.10.8 – Exchange of Information
The objective of this control is to maintain the security of information and software exchanged within an organisation and with any external entity.

10.8.1 Information Exchange Policies and Procedures
  ISO 27001 requirement: Formal exchange policies, procedures and controls shall be in place to protect the exchange of information through the use of all types of communications facilities.
  Tripwire Enterprise: Compliance policy management helps to ensure that proper measures are in place to safeguard the exchange of information and eliminate unnecessary communication risks. For example, verifying that the NetMeeting Remote Desktop Sharing Service is disabled on a Windows system. This service supports NetMeeting, but exposes a remote interface that has been subject to attacks, including buffer overflows.

10.8.5 Business Information Systems
  ISO 27001 requirement: Policies and procedures shall be developed and implemented to protect information associated with the interconnection of business information systems.
  Tripwire Enterprise: Tripwire Enterprise verifies that proper system configuration settings are used to safeguard the information that disparate business information systems need in order to interconnect. For example, ensuring that strong key protection is required for user keys stored on a covered system. Strong key protection requires users to enter a password associated with a key every time they use the key. This helps prevent user keys from being compromised if a computer is stolen or hijacked.

A.10.9 – Electronic Commerce Services
The objective of this control is to ensure the security of electronic commerce services, and their secure use.

10.9.3 Publicly Available Information
  ISO 27001 requirement: The integrity of information being made available on a publicly available system shall be protected to prevent unauthorised modification.
  Tripwire Enterprise: Tripwire Enterprise provides "roles" to restrict unauthorised access to important files, as well as the necessary monitoring of these files so that changes are flagged and alerts are sent to the pertinent individuals.
A.10.10 – Monitoring
The objective of this control is to detect unauthorised information processing activities.

10.10.1 Audit Logging
  ISO 27001 requirement: Audit logs recording user activities, exceptions, and information security events shall be produced and kept for an agreed period to assist in future investigations and access control monitoring.
  Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise verifies that important audit logging settings are configured to support possible audit investigations and ongoing access control monitoring.

10.10.3 Protection of Log Information
  ISO 27001 requirement: Logging facilities and log information shall be protected against tampering and unauthorised access.
  Tripwire Enterprise: Assuming that other log settings are configured correctly, a failure to log events could indicate a security threat. The compliance policy manager in Tripwire Enterprise verifies that security options are configured to shut down a system if an event cannot be logged to the security log for any reason. Note that this setting is itself a denial-of-service risk (a full or inaccessible security log halts the host), so it is normally reserved for systems where an unrecorded action is worse than an outage.

10.10.4 Administrator and Operator Logs
  ISO 27001 requirement: System administrator and system operator activities shall be logged.
  Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise verifies that the application, system and security logs are configured with the necessary storage capacity. For example, the maximum size of the security log should be at least 80 MB to store an adequate amount of log data for auditing purposes.

10.10.6 Clock Synchronisation
  ISO 27001 requirement: The clocks of all relevant information processing systems within an organisation or security domain shall be synchronised with an agreed accurate time source.
  Tripwire Enterprise: For Windows systems, the compliance policy manager in Tripwire Enterprise determines whether the Windows Time Service is used and whether the system is configured to synchronise with a secure, authorised time source.
A.11 ACCESS CONTROL

A.11.2 – User Access Management
The objective of this control is to ensure authorised user access and to prevent unauthorised access to information systems.

11.2.2 Privilege Management
  ISO 27001 requirement: The allocation and use of privileges shall be restricted and controlled.
  Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise tests numerous privilege-related settings to ensure restrictions are in place and configured correctly. For example, Windows systems should be configured so that the SeTcbPrivilege ("Act as part of the operating system") right is not granted to any user. This right allows a user to act in the Local System security context, which overrides the permissions granted by user group memberships.
A.11.3 – User Responsibilities
The objective of this control is to prevent unauthorised user access, and compromise or theft of information and information processing facilities.

11.3.1 Password Use
  ISO 27001 requirement: Users shall be required to follow good security practices in the selection and use of passwords.
  Tripwire Enterprise: Enforcing proper password security standards is critical to securing any system. The compliance policy manager in Tripwire Enterprise verifies that common best practices are being used for password-related properties such as complexity, minimum length and maximum age.

11.3.2 Unattended User Equipment
  ISO 27001 requirement: Users shall ensure that unattended equipment has appropriate protection.
  Tripwire Enterprise: Tripwire Enterprise verifies that each system is configured to use a password-protected screen saver that activates within the appropriate idle time and offers no grace period before password entry is required.

11.3.3 Clear Desk and Clear Screen Policy
  ISO 27001 requirement: A clear desk policy for papers and removable media and a clear screen policy for information processing facilities shall be adopted.
  Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise validates that the current user has a password-protected screen saver that is active.

A.11.4 – Network Access Control
The objective of this control is to prevent unauthorised access to networked services.

11.4.1 Policy on Use of Network Services
  ISO 27001 requirement: Users shall only be provided with access to the services that they have been specifically authorised to use.
  Tripwire Enterprise: Tripwire Enterprise provides a number of compliance policy management tests that help ensure proper access to services is maintained. For example, verifying that a system restricts anonymous access to named pipes and shares to those that are specifically listed in other security options. This configuration helps protect named pipes and shares from unauthorised access.

11.4.2 User Authentication for External Connections
  ISO 27001 requirement: Appropriate authentication methods shall be used to control access by remote users.
  Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise can help verify that proper authentication methods are in place to control access by remote users. For example, refusing to allow a remote (network) logon when a user attempts to use a blank password, even if the blank password is valid for that account at the console.

11.4.3 Equipment Identification in Networks
  ISO 27001 requirement: Automatic equipment identification shall be considered as a means to authenticate connections from specific locations and equipment.
  Tripwire Enterprise: Tripwire Enterprise verifies that the security options for a Windows Server 2003 domain controller are configured to allow a domain member to change its computer account password. If the domain controller does not permit a domain member to change its password, the domain member computer is more vulnerable to a password attack.
11.4.4 Remote Diagnostic and Configuration Port Protection
  ISO 27001 requirement: Physical and logical access to diagnostic and configuration ports shall be controlled.
  Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise tests a number of remote access settings to ensure they meet established guidelines for controlling remote access. For example, verifying that the Remote Desktop Help Session Manager Service is disabled on a Windows system.

11.4.6 Network Connection Control
  ISO 27001 requirement: For shared networks, the capability of users to connect to the network shall be restricted, in line with the access control policy.
  Tripwire Enterprise: Tripwire Enterprise helps validate that controls are in place to enforce proper network connection restrictions on shared networks. For example, always requiring passwords and appropriate encryption levels when using Terminal Services.

11.4.7 Network Routing Control
  ISO 27001 requirement: Routing controls shall be implemented for networks to ensure that computer connections and information flows do not breach the access control policy of business applications.
  Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise can assist with the ongoing validation of your access control policy by verifying that proper routing controls are in place and configured correctly. For example, on a multi-homed Windows system (one with two valid networking devices installed), source-routed traffic passing through the device can be used to make it treat the traffic as though it came from a trusted source; the check verifies that IP source routing is disabled so such packets are dropped.

A.11.5 – Operating System Access Control
The objective of this control is to prevent unauthorised access to operating systems.

11.5.1 Secure Log-on Procedures
  ISO 27001 requirement: Access to operating systems shall be controlled by a secure log-on procedure.
  Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise can assess important log-on settings to determine whether they support an overall secure log-on procedure. For example, not displaying the last valid user name, and requiring CTRL+ALT+DEL so that the trusted Windows logon path is used.

11.5.2 User Identification and Authentication
  ISO 27001 requirement: All users shall have a unique identifier (user ID) for their personal use only, and a suitable authentication technique shall be chosen to substantiate the claimed identity of a user.
  Tripwire Enterprise: Proper authentication of user IDs is a fundamental component of controlling operating system access. Tripwire Enterprise provides critical tests to assess authentication settings. For example, verifying that the LAN Manager authentication level for a Windows system is configured so that it will only send NTLMv2 responses and will refuse LM and NTLM authentication.

11.5.3 Password Management System
  ISO 27001 requirement: Systems for managing passwords shall be interactive and ensure quality passwords.
  Tripwire Enterprise: Ensuring quality passwords requires proper configuration of password-related settings. Tripwire Enterprise can assess these settings and provide assurance that all passwords in use meet minimum quality requirements. For example, enforcing the use of strong passwords and restricting password reuse through password history.
11.5.4 Use of System Utilities
  ISO 27001 requirement: The use of utility programs that might be capable of overriding system and application controls shall be restricted and tightly controlled.
  Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise can help maintain a strict policy on the use of utility programs. For example, verifying that the FTP Publishing Service and TFTP Daemon Service are both disabled, or that the SeDebugPrivilege right is not assigned to any user on a Windows system. This right gives a user the ability to debug any process on the system, including the Local Security Authority (LSA), and is used by credential-theft tools to collect account names, password hashes and other sensitive data from LSA memory.

11.5.5 Session Time-Out
  ISO 27001 requirement: Inactive sessions shall shut down after a defined period of inactivity.
  Tripwire Enterprise: Tripwire Enterprise verifies that an appropriate idle session time-out is established. For Windows systems that communicate using the Server Message Block (SMB) protocol, the compliance policy manager in Tripwire Enterprise tests that the idle session time-out threshold is set to 15 minutes or less.

11.5.6 Limitation of Connection Time
  ISO 27001 requirement: Restrictions on connection times shall be used to provide additional security for high-risk applications.
  Tripwire Enterprise: There are a number of ways to restrict connection times as part of an enhanced security posture for high-risk applications. Tripwire Enterprise can determine whether best practices are being used, such as setting appropriate time limits for Terminal Services sessions and using Group Policy to restrict connections to designated hours of the day.

A.11.6 – Application and Information Access Control
The objective of this control is to prevent unauthorised access to information held in application systems.

11.6.1 Information Access Restriction
  ISO 27001 requirement: Access to information and application system functions by users and support personnel shall be restricted in accordance with the defined access control policy.
  Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise provides out-of-the-box tests that help establish an acceptable information access control policy. For example, ensuring that critical file and registry permissions have been set properly to restrict access.

A.11.7 – Mobile Computing and Teleworking
The objective of this control is to ensure information security when using mobile computing and teleworking facilities.

11.7.1 Mobile Computing and Communications
  ISO 27001 requirement: A formal policy shall be in place, and appropriate security measures shall be adopted to protect against the risks of using mobile computing and communications facilities.
  Tripwire Enterprise: Mobile computing and related communications pose unique risks that necessitate additional security measures. The compliance policy manager in Tripwire Enterprise can help mitigate these risks by determining whether established best practices are in use. For example, verifying that Windows systems are configured to negotiate signed communications with any Server Message Block (SMB) server. By supporting mutual authentication and protection against packet tampering, signed communication helps to protect against man-in-the-middle attacks.
A.12 INFORMATION SYSTEMS ACQUISITION, DEVELOPMENT AND MAINTENANCE

A.12.2 – Correct Processing in Applications
The objective of this control is to prevent errors, loss, unauthorised modification or misuse of information in applications.

12.2.2 Control of Internal Processing
  ISO 27001 requirement: Validation checks shall be incorporated into applications to detect any corruption of information through processing errors or deliberate acts.
  Tripwire Enterprise: By monitoring changes that occur within applications, Tripwire Enterprise can detect any changes to critical files and identify who may have introduced the errors that caused file corruption.

A.12.4 – Security of System Files
The objective of this control is to ensure the security of system files.

12.4.1 Control of Operational Software
  ISO 27001 requirement: There shall be procedures in place to control the installation of software on operational systems.
  Tripwire Enterprise: Tripwire Enterprise can detect changes to the operating system, including new software installations, when each was installed, and who performed the installation. Tripwire Enterprise can also be integrated with the change ticketing systems that authorise these installations, showing the authorisation status alongside the detected change.

A.12.5 – Security in Development and Support Processes
The objective of this control is to maintain the security of application system software and information.

12.5.1 Change Control Procedures
  ISO 27001 requirement: The implementation of changes shall be controlled by the use of formal change control procedures.
  Tripwire Enterprise: Tripwire Enterprise is the industry leader in change audit and detection and should be an integral part of any formal change control procedure. Tripwire Enterprise is also integrated with major change ticketing systems to help control formal change processes.

12.5.2 Technical Review of Applications after Operating System Changes
  ISO 27001 requirement: When operating systems are changed, business critical applications shall be reviewed and tested to ensure there is no adverse impact on organisational operations or security.
  Tripwire Enterprise: Tripwire Enterprise provides several reports around changes to systems, with links within these reports that show the specific systems that changed and who made the changes. These reports provide a documented audit trail that can be reviewed and approved to prevent potential problems.

12.5.3 Restrictions on Changes to Software Packages
  ISO 27001 requirement: Modifications to software packages shall be discouraged, limited to necessary changes, and all changes shall be strictly controlled.
  Tripwire Enterprise: Tripwire Enterprise monitors all changes that happen on defined systems, reporting whether files have been modified, added or deleted. Having Tripwire Enterprise in place ensures change is monitored and controlled.
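The change-auditing loop that the A.10.1, A.12.4 and A.12.5 rows above attribute to Tripwire Enterprise (record a trusted baseline, detect added, modified and deleted files, attribute each change, then promote reviewed changes into a new baseline) can be demonstrated in a few dozen lines of PowerShell. The script below is an added example written for this page, not Tripwire's code. The monitored paths and baseline location are assumptions, the "who" lookup assumes Windows object-access auditing (Security event 4663) has been enabled with a SACL on the monitored path, and the directory it operates on is constructed inline as sample data.

```powershell
# Added example (not Tripwire code): a minimal file-integrity baseline and change
# audit of the kind the change auditing described above performs. Paths and the
# baseline location are assumptions; the "who" lookup needs object-access auditing
# (Security event 4663) enabled for the monitored path, and returns $null otherwise.
#Requires -Version 4.0
Set-StrictMode -Version Latest

function Get-FileHashes {
    # Hash every file under the given roots: full path -> SHA-256 hex digest.
    param([Parameter(Mandatory)][string[]]$Path)
    $hashes = @{}
    foreach ($root in $Path) {
        Get-ChildItem -LiteralPath $root -File -Recurse -Force -ErrorAction SilentlyContinue |
            ForEach-Object { $hashes[$_.FullName] = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash }
    }
    return $hashes
}

function New-IntegrityBaseline {
    # Record the trusted state. Re-running this after a reviewed change "promotes" it.
    param([Parameter(Mandatory)][string[]]$Path, [Parameter(Mandatory)][string]$BaselineFile)
    $hashes = Get-FileHashes -Path $Path
    [pscustomobject]@{ Created = (Get-Date).ToUniversalTime().ToString('o'); Files = $hashes } |
        ConvertTo-Json -Depth 3 | Set-Content -LiteralPath $BaselineFile -Encoding UTF8
    return $hashes.Count
}

function Get-ChangeActor {
    # Best-effort attribution: the most recent Security 4663 (object access) event
    # whose ObjectName is the file. $null when auditing is off or the log is unreadable.
    param([Parameter(Mandatory)][string]$File, [int]$MaxEvents = 5000)
    $events = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4663 } -MaxEvents $MaxEvents -ErrorAction SilentlyContinue
    foreach ($e in @($events)) {
        $data = ([xml]$e.ToXml()).Event.EventData.Data
        if ((($data | Where-Object Name -eq 'ObjectName').'#text') -eq $File) {
            return '{0}\{1} via {2} at {3:u}' -f (($data | Where-Object Name -eq 'SubjectDomainName').'#text'),
                                                 (($data | Where-Object Name -eq 'SubjectUserName').'#text'),
                                                 (($data | Where-Object Name -eq 'ProcessName').'#text'), $e.TimeCreated
        }
    }
    return $null
}

function Compare-IntegrityBaseline {
    # Re-scan and report every Added / Modified / Deleted file relative to the baseline.
    param([Parameter(Mandatory)][string[]]$Path, [Parameter(Mandatory)][string]$BaselineFile)
    $stored = @{}
    $json = Get-Content -LiteralPath $BaselineFile -Raw | ConvertFrom-Json
    foreach ($p in $json.Files.PSObject.Properties) { $stored[$p.Name] = $p.Value }
    $current = Get-FileHashes -Path $Path
    $all = @($stored.Keys) + @($current.Keys) | Sort-Object -Unique
    foreach ($file in $all) {
        $change = if (-not $stored.ContainsKey($file))        { 'Added' }
                  elseif (-not $current.ContainsKey($file))   { 'Deleted' }
                  elseif ($stored[$file] -ne $current[$file]) { 'Modified' }
        if ($change) { [pscustomobject]@{ Change = $change; File = $file; Actor = (Get-ChangeActor -File $file) } }
    }
}

# Demonstration on a throwaway directory (constructed sample data, removed afterwards).
$demo = Join-Path $env:TEMP ('fim-demo-' + [guid]::NewGuid())
New-Item -ItemType Directory -Path $demo | Out-Null
Set-Content -Path (Join-Path $demo 'web.config') -Value '<configuration/>'
Set-Content -Path (Join-Path $demo 'hosts')      -Value '127.0.0.1 localhost'
$baseline = Join-Path $demo 'baseline.json'
New-IntegrityBaseline -Path $demo -BaselineFile $baseline | Out-Null
Add-Content -Path (Join-Path $demo 'hosts') -Value '10.0.0.5 update.example.test'   # tampered after baseline
Set-Content -Path (Join-Path $demo 'backdoor.aspx') -Value '<%@ Page %>'               # dropped in after baseline
Compare-IntegrityBaseline -Path $demo -BaselineFile $baseline |
    Where-Object File -ne $baseline | Format-Table Change, File, Actor -AutoSize
Remove-Item -LiteralPath $demo -Recurse -Force
```

The demonstration reports `hosts` as Modified and `backdoor.aspx` as Added (the baseline file itself is written after hashing and is filtered out). In production the baseline would live outside the monitored tree on a host the monitored system cannot write to, because a baseline an attacker can rewrite detects nothing; promotion of a reviewed change is simply a fresh `New-IntegrityBaseline`, which is the manual analogue of the auto-promotion described in the text.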
A.13 INFORMATION SECURITY INCIDENT MANAGEMENT

A.13.2 – Management of Information Security Incidents and Improvements
The objective of this control is to ensure a consistent and effective approach is applied to the management of information security incidents.

13.2.3 Collection of Evidence
  ISO 27001 requirement: Where a follow-up action against a person or organisation after an information security incident involves legal action (either civil or criminal), evidence shall be collected, retained and presented to conform to the rules for evidence laid down in the relevant jurisdiction(s).
  Tripwire Enterprise: As part of the audit trail and reporting capabilities within Tripwire Enterprise, changes made to systems that could introduce vulnerabilities or constitute security incidents can be documented, providing information as to the person(s) responsible for any breach of security.

A.15 COMPLIANCE

A.15.2 – Compliance with Security Policies and Standards, and Technical Compliance
The objective of this control is to ensure compliance of systems with organisational security policies and standards.

15.2.2 Technical Compliance Checking
  ISO 27001 requirement: Information systems shall be regularly checked for compliance with security implementation standards.
  Tripwire Enterprise: The compliance policy manager in Tripwire Enterprise validates that each Windows Server 2003 system has the latest service pack installed.

A.15.3 – Information Systems Audit Considerations
The objective of this control is to maximise the effectiveness of, and to minimise interference to/from, the information systems audit process.

15.3.1 Information Systems Audit Controls
  ISO 27001 requirement: Audit requirements and activities involving checks on operational systems shall be carefully planned and agreed to minimise the risk of disruptions to business processes.
  Tripwire Enterprise: Tripwire Enterprise provides documented audit proof behind system compliance, as well as of the changes that happen to IT systems. By incorporating Tripwire Enterprise in the change management process, changes are monitored and documented, and if changes disrupt a business process they can be immediately reconciled and remediated.

15.3.2 Protection of Information Systems Audit Tools
  ISO 27001 requirement: Access to information systems audit tools shall be protected to prevent any possible misuse or compromise.
  Tripwire Enterprise: By using roles and user groups in Tripwire Enterprise, access to privileged information and to software such as Tripwire Enterprise itself can be limited to users who have the proper permissions. Tripwire Enterprise requires installation by a user with administrative privileges. Users of Tripwire Enterprise can then be set up with full access, read-only access, or several gradations in between.
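Every compliance-policy check in the tables above reduces to the same operation: read a setting, compare it with an expected value, and report pass or fail with enough context to remediate. The script below, an added example and not Tripwire's policy content, does that for the Windows settings the tables cite, and goes slightly beyond them by also covering the user-rights assignments (SeTcbPrivilege, SeDebugPrivilege) and anonymous SID/name translation, which live in the local security policy rather than the registry. It is read-only. The registry paths, value names, service names and secedit keys are assumptions that match the Windows Server 2003/2008 security-option names used in the tables and may be absent or named differently on other versions; the expected values follow the rationale the tables give.

```powershell
# Added example (not Tripwire code): a table-driven, read-only check of the Windows
# settings cited in the tables above. Registry paths, value names, service names and
# secedit keys are assumptions matching Windows Server 2003/2008 security-option
# names; the expected values follow the rationale given in the tables.
#Requires -RunAsAdministrator
Set-StrictMode -Version Latest

$lsa   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$svcs  = 'HKLM:\SYSTEM\CurrentControlSet\Services'
$logon = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# Registry-backed security options: control, key, value name, pass predicate, expectation.
$registryChecks = @(
    @{ Control='A.11.5.2';  Path=$lsa;                                 Name='LmCompatibilityLevel';    Pass={ param($v) $v -eq 5 };                Want='5: send NTLMv2 only, refuse LM/NTLM' },
    @{ Control='A.11.7.1';  Path="$svcs\LanmanWorkstation\Parameters"; Name='EnableSecuritySignature'; Pass={ param($v) $v -eq 1 };                Want='1: negotiate SMB signing' },
    @{ Control='A.11.5.5';  Path="$svcs\LanmanServer\Parameters";      Name='AutoDisconnect';          Pass={ param($v) $v -ge 1 -and $v -le 15 }; Want='1-15 minutes idle' },
    @{ Control='A.10.10.3'; Path=$lsa;                                 Name='CrashOnAuditFail';        Pass={ param($v) $v -eq 1 };                Want='1: halt if security log cannot be written' },
    @{ Control='A.11.4.2';  Path=$lsa;                                 Name='LimitBlankPasswordUse';   Pass={ param($v) $v -eq 1 };                Want='1: blank passwords only at console' },
    @{ Control='A.11.4.7';  Path="$svcs\Tcpip\Parameters";             Name='DisableIPSourceRouting';  Pass={ param($v) $v -eq 2 };                Want='2: drop source-routed packets' },
    @{ Control='A.11.5.1';  Path=$logon;                               Name='DontDisplayLastUserName'; Pass={ param($v) $v -eq 1 };                Want='1: hide last user name' },
    @{ Control='A.11.5.1';  Path=$logon;                               Name='DisableCAD';              Pass={ param($v) $v -eq 0 };                Want='0: CTRL+ALT+DEL required' },
    @{ Control='A.11.4.3';  Path="$svcs\Netlogon\Parameters";          Name='DisablePasswordChange';   Pass={ param($v) $v -eq 0 };                Want='0: machine account may change its password' },
    @{ Control='A.10.10.4'; Path="$svcs\EventLog\Security";            Name='MaxSize';                 Pass={ param($v) $v -ge 80MB };             Want='>= 80 MB security log' }
)

# Services the tables say should be disabled. A service that is not installed passes.
$serviceChecks = @(
    @{ Control='A.10.6.2'; Name='LicenseService' },  # License Logging Service
    @{ Control='A.10.8.1'; Name='mnmsrvc' },         # NetMeeting Remote Desktop Sharing
    @{ Control='A.11.4.4'; Name='RDSessMgr' },       # Remote Desktop Help Session Manager
    @{ Control='A.11.5.4'; Name='MSFTPSVC' },        # FTP Publishing Service
    @{ Control='A.11.5.4'; Name='tftpd' }            # TFTP daemon
)

# Settings that live only in the local security policy (secedit export), not the registry.
$seceditChecks = @(
    @{ Control='A.10.6.1'; Key='LSAAnonymousNameLookup'; Pass={ param($v) $v -eq '0' };                  Want='0: anonymous SID/name translation disabled' },
    @{ Control='A.11.2.2'; Key='SeTcbPrivilege';         Pass={ param($v) [string]::IsNullOrEmpty($v) }; Want='assigned to no one' },
    @{ Control='A.11.5.4'; Key='SeDebugPrivilege';       Pass={ param($v) [string]::IsNullOrEmpty($v) }; Want='assigned to no one' }
)

function New-Finding([string]$Control, [string]$Check, $Actual, [string]$Expected, [bool]$Pass) {
    [pscustomobject]@{ Control=$Control; Check=$Check; Actual=$Actual; Expected=$Expected; Result=$(if ($Pass) { 'PASS' } else { 'FAIL' }) }
}

function Test-RegistryPolicy {
    foreach ($c in $registryChecks) {
        $item  = Get-ItemProperty -Path $c.Path -Name $c.Name -ErrorAction SilentlyContinue
        $value = if ($item) { $item.($c.Name) } else { $null }   # a missing value is "not enforced": FAIL
        New-Finding $c.Control $c.Name $value $c.Want (($null -ne $value) -and (& $c.Pass $value))
    }
}

function Test-ServicePolicy {
    foreach ($c in $serviceChecks) {
        $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$($c.Name)'" -ErrorAction SilentlyContinue
        if ($null -eq $svc) { New-Finding $c.Control $c.Name 'not installed' 'Disabled' $true }
        else { New-Finding $c.Control $c.Name "$($svc.StartMode)/$($svc.State)" 'Disabled' ($svc.StartMode -eq 'Disabled') }
    }
}

function Test-SeceditPolicy {
    # Export the effective local policy and parse the "Key = Value" lines of the INF.
    $cfg = Join-Path $env:TEMP 'iso27001-secpol.inf'
    & secedit.exe /export /cfg $cfg | Out-Null
    if (-not (Test-Path -LiteralPath $cfg)) { throw 'secedit export failed; run from an elevated session' }
    $policy = @{}
    foreach ($line in (Get-Content -LiteralPath $cfg)) {
        if ($line -match '^\s*([A-Za-z0-9]+)\s*=\s*(.*?)\s*$') { $policy[$matches[1]] = $matches[2] }
    }
    Remove-Item -LiteralPath $cfg -Force -ErrorAction SilentlyContinue
    foreach ($c in $seceditChecks) {
        $value = $policy[$c.Key]    # a privilege absent from the export is assigned to nobody
        New-Finding $c.Control $c.Key $value $c.Want (& $c.Pass $value)
    }
}

function Invoke-Iso27001Check {
    # One finding per check; the FAIL rows are the remediation backlog.
    $findings = @(Test-RegistryPolicy) + @(Test-ServicePolicy) + @(Test-SeceditPolicy)
    $findings | Sort-Object Control | Format-Table Control, Check, Actual, Expected, Result -AutoSize | Out-Host
    return $findings
}

$results = Invoke-Iso27001Check
Write-Host ('{0} of {1} checks failed' -f @($results | Where-Object Result -eq 'FAIL').Count, $results.Count)
```

Two design points carry over to any policy engine, Tripwire's included: a setting that is absent is reported as a failure rather than silently skipped, because "not configured" usually means the insecure default is in effect, and each finding records the actual value next to the expected one so the remediation step is obvious without re-querying the host. Run on a schedule and diffed against the previous run, the output also serves as the change record for A.15.2.2.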
Sample Policy Test and Change Audit Screenshots from Tripwire Enterprise

Screenshot showing assessments that address the Communication and Operations Management control. Specifically, section A.10.6.2, Security of Network Services. This section checks that services that don't need to be enabled are specifically disabled.

Screenshot showing assessments that address the Access Control control of ISO 27001. Specifically, section A.11.6, Operating System Access Control. These controls deal with permissions and authentication processes within the operating system.

Screenshot showing assessments that address the Compliance control. Specifically, section A.15.2.2, Technical Compliance Checking. This is a check that the appropriate packages are installed for that system.

Screenshot showing default role types in Tripwire Enterprise, with the different access rights and permissions described depending on the role. New roles can be created and permissions set up accordingly.
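As an added illustration (not Tripwire's code or policy content) of the two technical compliance tests described above, the A.15.2.2 service-pack check and the A.10.6.2 unneeded-services check, the following runs both tests over a constructed node inventory and returns one pass/fail record with evidence per node and control. The baseline values, node names and service names are assumptions made up for the example.

```python
from dataclasses import dataclass, field

# Constructed baseline (assumption, not Tripwire's policy content): service pack
# level expected per OS, and services that must be off unless an exception is recorded.
EXPECTED_SP = {"Windows Server 2003": 2}
DISALLOWED_SERVICES = {"telnet", "ftp", "snmp"}

@dataclass
class Node:
    name: str
    os: str
    service_pack: int
    running_services: set
    allowed_services: set = field(default_factory=set)  # documented exceptions

@dataclass
class TestResult:
    node: str
    control: str
    passed: bool
    evidence: str  # human-readable finding kept as the audit record

def check_service_pack(node: Node) -> TestResult:
    """A.15.2.2: the node must be at or above the baseline service pack level."""
    expected = EXPECTED_SP.get(node.os)
    if expected is None:  # an OS with no baseline is a failure, not a silent pass
        return TestResult(node.name, "A.15.2.2", False, f"no baseline for {node.os}")
    return TestResult(node.name, "A.15.2.2", node.service_pack >= expected,
                      f"service pack {node.service_pack}, expected >= {expected}")

def check_unneeded_services(node: Node) -> TestResult:
    """A.10.6.2: disallowed services must not run unless the node has a recorded exception."""
    offenders = sorted((node.running_services & DISALLOWED_SERVICES) - node.allowed_services)
    return TestResult(node.name, "A.10.6.2", not offenders,
                      "disallowed services running: " + (", ".join(offenders) or "none"))

def run_policy(nodes) -> list:
    """Run every test on every node; the returned records are the evidence trail."""
    return [t(n) for n in nodes for t in (check_service_pack, check_unneeded_services)]

def failures(results) -> list:
    return [r for r in results if not r.passed]

# Constructed sample inventory, not real hosts.
SAMPLE_NODES = [
    Node("web01", "Windows Server 2003", 2, {"w3svc", "snmp"}, allowed_services={"snmp"}),
    Node("db02", "Windows Server 2003", 1, {"mssql", "telnet"}),
]
```

run_policy(SAMPLE_NODES) yields four records; failures() returns the two for db02 (missing service pack, telnet running), each carrying the evidence string an auditor would want retained.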
Tripwire Enterprise Change Process Compliance report, highlighting authorized vs. unauthorized changes to a system.

Tripwire Enterprise Detailed Changes report showing detailed information on what changes were made, when they occurred and who made the changes.
The Nodes With Changes report shows which systems had changes, when they occurred and other details.
ABOUT TRIPWIRE

Tripwire is the leading global provider of IT security and compliance automation solutions that help businesses and government agencies take control of their entire IT infrastructure. Over 7,000 customers in more than 86 countries rely on Tripwire's integrated solutions. Tripwire VIA™, the comprehensive suite of industry-leading file integrity, policy compliance and log and event management solutions, is the way organizations proactively prove continuous compliance, mitigate risk, and achieve operational control through Visibility, Intelligence and Automation. Learn more at tripwire.com.

©2010 Tripwire, Inc. | Tripwire is a registered trademark of Tripwire, Inc. All other product and company names are property of their respective owners. All rights reserved. | WP2714a
