Compliance in Depth

Compliance covers a broad spectrum of activity: understanding processes, mapping key data flows, designing policies, selecting appropriate controls, executing/implementing those controls, monitoring control effectiveness, gathering evidence, identifying risks, raising issues, monitoring the progress of remediation work, understanding dependencies and mitigating circumstances.

VigilancePro™ provides a single integrated solution that addresses many of the controls within standards such as ISO27001. VigilancePro™ can provide the foundation for compliance programs, enabling policies to be implemented and enforced in rules that take advantage of the features of the VigilancePro™ seven security layers.

VigilancePro™ applies directly to 63 of the 133 controls (47%) within ISO27001. It also addresses 21 of the key requirements of PCI DSS (V1.1).

Visual Audit Trails
To have a significant impact on compliance program efficiency and effectiveness, solutions should enable organisations to prove due diligence and attestation levels at any stage in the compliance lifecycle, supporting both the internal and external audit processes.

VigilancePro™ provides a comprehensive visual audit trail of events across all user activity, providing a unique insight into how users interact with sensitive information. Individual alerts may optionally include desktop screenshots, a screenshot of the relevant application window, all foreground window text, and even CCTV footage. Each event is assigned a severity and is date and time stamped, with user details.

360 Degree Negative Assurance
A great deal of the compliance effort concentrates on segregating information such as cardholder data and personal identification information (personal data) into well protected and defined areas within the overall infrastructure. Outside of these defined areas, or zones, most organisations rely on another zone and then, finally, on gateway protection. Often the only outbound filtering on traffic for sensitive content between logical zones is limited to obvious channels such as email, web mail and IM. This presents a multitude of data leakage vectors to people inside the organisation.

The constant is the user, who needs to access information from different directions and locations, and therefore through a variety of applications. VigilancePro™ provides complete 360 degree coverage across the entire information estate for the occurrence of specific keywords and phrases, such as sensitive project and product codenames, or particular data formats or types, such as credit card PANs, bank account numbers and sort codes, social security or National Insurance numbers, tax codes and NHS or other health service numbers.

 

 
© 2010 Overtis Group Ltd  