Vigilance™ Monitoring for Compliance
Intrinium Vigilance™ – Your Solution for Compliance
Compliance can pose a difficult challenge for most organizations; Intrinium Vigilance™ simplifies your compliance needs. Through this advanced security solution, our clients will be able to more effectively reduce risk and meet the requirements of HIPAA, FFIEC Cybersecurity and U.S. Security and Claims commission.
The following diagrams outline the necessary requirements for all compliance requirements, as it relates to federal regulations.
Intrinium Vigilance™ – Your Solution for HIPAA Requirements
Security management process
Implement policies and procedures to prevent, detect, contain, and correct security violations. 45 CFR 164.308 (a)(1)(i)
Intrinium Vigilance™ allows you to get the most out of your security hardware: Preventing events before they happen, detecting them quickly, containing them before they escalate, and applying remediation in real-time.
Security incident procedures
Implement policies and procedures to address security incidents. 45 CFR 164.308 (a)(6)(i)
Intrinium Vigilance™ Security Analysts act to support your Incident Response Policy by creating Standard Operating Procedures for incidents and guiding your response through robust security best practices.
Person or entity authentication
Implement procedures to verify that a person or entity seeking access to electronic protected health information is the one claimed. 45 CFR 164.312 (d)
Intrinium Vigilance™ correlates multiple logging sources to help identify suspicious activity and behavior, ensuring that unauthorized use of accounts does not take place.
Information system activity review
Implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports. 45 CFR 164.308 (a)(1)(ii)(D)
Intrinium Vigilance™ provides a central repository for logs, generates reports as needed, and provides detailed after-action reports in the case of any serious security incident.
Access control
Implement technical policies and procedures for electronic information systems that maintain electronic protected health information to allow access only to those persons or software programs that have been granted access rights. 45 CFR 164.312 (a)(1)
Intrinium Vigilance™ tracks the creation, deletion, and modification of network users, greatly reducing the risk of unauthorized access.
Response and Reporting
Identify and respond to suspected or known security incidents; mitigate, to the extent practicable, harmful effects of security incidents that are known to the covered entity; and document security incidents and their outcomes. 45 CFR 164.308 (a)(6)(ii)
Intrinium Vigilance™ allows you to get the most out of your security hardware: Preventing events before the happen, detecting them quickly, containing them before they escalate, and applying remediation in real-time.
Audit controls
Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information. 45 CFR 164.312 (b)
Intrinium Vigilance™ monitors the logs of critical servers and systems to help ensure only authorized activity takes place.
Intrinium Vigilance™ – Your Solution for FFIEC Cybersecurity Requirements
Threat Intelligence & Collaboration
Financial institution management is expected to monitor and maintain enough awareness of cybersecurity threats and vulnerabilities so they may evaluate risk and respond accordingly.
Intrinium Vigilance™ provides a central repository for logs, generates reports as needed, and provides detailed after-action reports in the case of any serious security incident. Utilizing credentialed and un-credentialed scan vulnerabilities can be scheduled or performed ad hoc. The result then produces actionable items of remediation to create a more secure posture.
Cybersecurity Controls
Cybersecurity controls can be preventive, detective, or corrective.
Preventive controls need to be reviewed and adjusted when financial institutions change their information technology (IT) environment. Financial institutions should routinely scan IT networks for vulnerabilities and anomalous activity, test systems for their potential exposure to cyber-attacks, and remediate issues when identified.
Intrinium Vigilance™ provides a central repository for logs, generates reports as needed, and provides detailed after-action reports in the case of any serious security incident.
Intrinium Vigilance™ – Your Solution for SANS Technology Institute Requirements
Controlling access to various systems and data via management of user credentials, authentication and authorization methods, firewalls and/or perimeter defenses, tiered access to sensitive information and network resources, network segregation, and system hardening.
Intrinium Vigilance™ are intimately familiar with industry best practices and will make recommendations to limit unauthorized or escalated access to your most sensitive data. In addition, their understanding of regulatory and compliance standards makes them uniquely qualified to assist your organization make informed choices on network infrastructure and configuration.
Data encryption.
Intrinium Vigilance™ utilizes VPN communication between the sensor and the Security Event Platform. Since no actual log data leaves your environment, only the alerts leave your network and that is encrypted
Protecting against the loss or exfiltration of sensitive data by restricting the use of removable storage media and deploying software that monitors technology systems for unauthorized intrusions, the loss or exfiltration of sensitive data, or other unusual events.
Intrinium Vigilance™ integrates threat intelligence with built-in security controls, accelerates threat detection, remediation, and regulatory compliance. Within minutes we are able to discover all of the IP-enabled devices on your network, what software is installed on them, how they’re configured, any potential vulnerabilities and active threats being executed against them.
Data backup and retrieval.
Intrinium Vigilance™ works with your organization to ensure that all the most important data is being backed up by knowing what devices are critical for business continuity. Our immediate discovery of all your IP-enabled assets allows for easy discovery of forgotten devices.
We are here to help, contact us today.
Business Continuity Through Remote Operations
The coronavirus pandemic has caused a unique shift in our lives. From families to businesses to first responders, everyone has been impacted. We wanted to send you an update on how we are ensuring our clients are secure, and how we can help your business get set up to...
Best Practices: Fortinet FortiGate Firewall Hardening
By Sahan Fernando - Director, Managed Security - Intrinium As business needs continue to develop, many organizations are turning to devices to effectively provide availability, confidentiality, and integrity for their networks. The buzz around “next-gen” firewalls is...
Understanding Incident Response, Planning and Cyber Insurance
In less than one year, we’ve seen whole cities taken out by ransomware with no business continuity or disaster recovery plan in place to bring themselves back up- but it’s not just cities that don’t have a plan for when a catastrophe (digital or physical) hits.
Having a plan to restore business operations will save time, money, and stress, but that’s half the equation. The other half is to practice the plan, make sure all the moving pieces fit together and make sure everything is practical and timely. Enough businesses have spent six digits or more due to not having an incident response plan- set your business and your industry apart.
Incident Response Plans: More Planning, Less Panic
In less than one year, we’ve seen whole cities taken out by ransomware with no business continuity or disaster recovery plan in place to bring themselves back up- but it’s not just cities that don’t have a plan for when a catastrophe (digital or physical) hits.
Having a plan to restore business operations will save time, money, and stress, but that’s half the equation. The other half is to practice the plan, make sure all the moving pieces fit together and make sure everything is practical and timely. Enough businesses have spent six digits or more due to not having an incident response plan- set your business and your industry apart.
Multi-factor Authentication 101
Multi-factor authentication (MFA) is a method of authentication in which a computer user is given access after presenting two or more pieces of evidence or factors to an authentication mechanism.
The Case for Password Management Software
Password Managers do just that, allowing you to almost outsource the storing, memorization, and generation of passwords while maintaining only a single password that you have to remember to access the rest.
The Low Down on Intrusion Prevention and Detection Services
By Samantha Agather, Information Security Analyst - Intrinium The Low Down on Intrusion Prevention and Detection Services In an ideal world, companies could focus all their time and resources on their products and services. However, our world is far from perfect, and...
Tribe of Hackers Interview with Kylie
Chiara Morrison, Marketing, Manager sat down to interview Manager, Security Consulting, and the founder of DC509, Kylie Martonik to talk about her contribution to the new the book, Tribe of Hackers.
IT Management Improves Productivity, Enhances Performance, and Boosts ROI
One of the easiest and most effective ways to boost your organization’s performance metrics might be to hand the management of your network over to a highly qualified firm. When it comes to operationalizing your network, a business’ managed IT services provider can...
Capture the Flag Comes to Spokane
Chiara Morrison - Manager, Marketing Spokane Mayor's Cyber Cup 2019 Chiara Morrison sat down to interview the creator of Spokane Mayor’s Cyber Cup 2019, Max Dulin, Senior at Gonzaga University, Computer Science Major. Chiara: Max, can you tell me a little bit about...