Security Compliance

Is Your Security Compliance Audit Ready?

Virtually every regulation, standard or best practice related to the discipline of information security mandates that organizations must control their end points, regardless of whether those assets are servers, workstations, laptops, tablets or other devices. PCI DSS, HIPAA, FISMA, SOX frameworks, and both ISO27001 and COBIT insist that enterprises have not only a complete, accurate and up-to-date inventory of end points, but also require that they maintain control of programs, devices and data associated with them.

Compliance Management Solutions

 

Know your security compliance posture in seconds

Historically, end point compliance management solutions have been expensive, time consuming and – far too often – ineffective for organizations that need to meet critical mandates and standards related to information security. From bulky, agent-based solutions that place a substantial load on end points and require constant maintenance, to deploying a patchwork managed solutions that each only support one or two types of end points, the options for gaining complete, enterprise-wide visibility of end points have caused far too many organizations to give up on this critical security and IT operations function.

Continuous Compliance

Promisec can ensure compliance of your endpoints thru continuous monitoring of your environments adherence to a golden image or standard configuration. This golden image can be quickly defined by pointing to a real system or created custom by you. Promisec can leverage known standards such as NIST and CIS policy definitions and supports PCI-DSS, HIPAA, SOX, FISMA, GLBA and other regulations.

With Promisec, you can easily determine deviations to:

  • Whitelist application policy – defined which applications are appropriate and which are not allowed
  • Blacklist policy – defined and automated control over shadow IT from installing inappropriate or compliance violating applications
  • Startup and system policy definition control
  • Group policy and local policy control
  • USB policy
  • Security Policies and user account control
  • File Integrity Monitoring of critical system files
  • Verified registry integrity
  • OS and application patch version control
  • Complete 3rd party endpoint configuration and security agent control
  • Any custom definition using file, process, registry or WMI/script

With enhanced visibility and control, Promisec also enables exclusions to policies based on machine or IP basis.

Related Use Cases