Vigilance™ Monitoring for Compliance

Home » Services » Managed Security Services » Vigilance™ Monitoring for Compliance

Intrinium Vigilance™ – Your Solution for Compliance

Compliance can pose a difficult challenge for most organizations; Intrinium Vigilance™ simplifies your compliance needs. Through this advanced security solution, our clients will be able to more effectively reduce risk and meet the requirements of HIPAA, FFIEC Cybersecurity and U.S Security and Claims commission.

The following diagrams outline the necessary requirements for all compliance requirements, as it relates to federal regulations.

Intrinium Vigilance™ – Your Solution for HIPAA Requirements 

Security management process

Implement policies and procedures to prevent, detect, contain, and correct security violations. 45 CFR 164.308 (a)(1)(i)

Intrinium Vigilance™ allows you to get the most out of your security hardware: Preventing events before the happen, detecting them quickly, containing them before they escalate, and applying remediation in real-time.

Security incident procedures

Implement policies and procedures to address security incidents. 45 CFR 164.308 (a)(6)(i)

Intrinium Vigilance™ Security Analysts act to support your Incident Response Policy by creating Standard Operating Procedures for incidents and guiding your response through robust security best practices.

Person or entity authentication

Implement procedures to verify that a person or entity seeking access to electronic protected health information is the one claimed. 45 CFR 164.312 (d)

Intrinium Vigilance™ correlates multiple logging sources to help identify suspicious activity and behavior, ensuring that unauthorized use of accounts does not take place.

Information system activity review

Implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports. 45 CFR 164.308 (a)(1)(ii)(D)

Intrinium Vigilance™ provides a central repository for logs, generates reports as needed, and provides detailed after-action reports in the case of any serious security incident.

Access control

Implement technical policies and procedures for electronic information systems that maintain electronic protected health information to allow access only to those persons or software programs that have been granted access rights. 45 CFR 164.312 (a)(1)

Intrinium Vigilance™ tracks the creation, deletion, and modification of network users, greatly reducing the risk of unauthorized access.

Response and Reporting

Identify and respond to suspected or known security incidents; mitigate, to the extent practicable, harmful effects of security incidents that are known to the covered entity; and document security incidents and their outcomes. 45 CFR 164.308 (a)(6)(ii)

Intrinium Vigilance™ allows you to get the most out of your security hardware: Preventing events before the happen, detecting them quickly, containing them before they escalate, and applying remediation in real-time.

Audit controls

Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information. 45 CFR 164.312 (b)

Intrinium Vigilance™ monitors the logs of critical servers and systems to help ensure only authorized activity takes place.

Intrinium Vigilance™ – Your Solution for FFIEC Cybersecurity Requirements

Threat Intelligence & Collaboration

Financial institution management is expected to monitor and maintain enough awareness of cybersecurity threats and vulnerabilities so they may evaluate risk and respond accordingly.

Intrinium Vigilance™ provides a central repository for logs, generates reports as needed, and provides detailed after-action reports in the case of any serious security incident. Utilizing credentialed and un-credentialed scan vulnerabilities can be scheduled or performed ad hoc. The result then produces actionable items of remediation to create a more secure posture.

Cybersecurity Controls

Cybersecurity controls can be preventive, detective, or corrective.

Preventive controls need to be reviewed and adjusted when financial institutions change their information technology (IT) environment. Financial institutions should routinely scan IT networks for vulnerabilities and anomalous activity, test systems for their potential exposure to cyber-attacks, and remediate issues when identified.

Intrinium Vigilance™ provides a central repository for logs, generates reports as needed, and provides detailed after-action reports in the case of any serious security incident.

Intrinium Vigilance™ – Your Solution for SANS Technology Institute Requirements  

Create a strategy that is designed to prevent, detect and respond to cybersecurity threats. Such a strategy could include:

Controlling access to various systems and data via management of user credentials, authentication and authorization methods, firewalls and/or perimeter defenses, tiered access to sensitive information and network resources, network segregation, and system hardening.

Intrinium Vigilance™ are intimately familiar with industry best practices and will make recommendations to limit unauthorized or escalated access to your most sensitive data. In addition, their understanding of regulatory and compliance standards makes them uniquely qualified to assist your organization make informed choices on network infrastructure and configuration.

Create a strategy that is designed to prevent, detect and respond to cybersecurity threats. Such a strategy could include:

Data encryption.

Intrinium Vigilance™ utilizes VPN communication between the sensor and the Security Event Platform. Since no actual log data leaves your environment, only the alerts leave your network and that is encrypted

Create a strategy that is designed to prevent, detect and respond to cybersecurity threats. Such a strategy could include:

Protecting against the loss or exfiltration of sensitive data by restricting the use of removable storage media and deploying software that monitors technology systems for unauthorized intrusions, the loss or exfiltration of sensitive data, or other unusual events.

Intrinium Vigilance™ integrates threat intelligence with built-in security controls, accelerates threat detection, remediation, and regulatory compliance. Within minutes we are able to discover all of the IP-enabled devices on your network, what software is installed on them, how they’re configured, any potential vulnerabilities and active threats being executed against them.

Create a strategy that is designed to prevent, detect and respond to cybersecurity threats. Such a strategy could include:

Data backup and retrieval.

Intrinium Vigilance™ works with your organization to ensure that all the most important data is being backed up by knowing what devices are critical for business continuity. Our immediate discovery of all your IP-enabled assets allows for easy discovery of forgotten devices.

We are here to help, contact us today.

Capture the Flag Comes to Spokane

Chiara Morrison - Manager, Marketing  Spokane Mayor's Cyber Cup 2019 Chiara Morrison sat down to interview the creator of Spokane Mayor’s Cyber Cup 2019, Max Dulin, Senior at Gonzaga University, Computer Science Major. Chiara: Max, can you tell me a little bit about...

What is an Internal Vulnerability Test?

Chiara Morrison - Manager, Marketing  What is an Internal Vulnerability Test? The Intrinium Internal Vulnerability Assessment evaluates IT security from the inside of your organization and identifies critical vulnerabilities that could be exploited by attackers that...

What is a Risk Assessment?

Chiara Morrison - Manager, Marketing  What is a Risk Assessment? Risk Assessment is the combined effort of executing the following: 1.     Identifying and analyzing potential (future) events that may negatively impact individuals, assets, and/or the environment (i.e.,...

External Penetration Test 101

Chiara Morrison - Manager, Marketing  All businesses, large and small, face the growing challenge of Information Security within the organization. As an SMB, we know you want to protect your clients’ data and meet compliance requirements without allocating a...

Side-Channel: Page Cache Attacks

A side-channel attack is an attack vector through which a threat could glean information from your computer or information system. This could be as simple as reading emissions (see Emissions Security or EMSEC) from your computer to using sophisticated methods of monitoring data being written onto your hard disk and making determinations that way.

Pin It on Pinterest