Streamlined Regulatory Compliance

One of the key components to regulatory compliance is auditing your data. The maXecurity products support several types of report generation that cover the needs of regulated industries, as well as aid in security threat analysis.

The maXecurity products' auditing and reporting capabilities are unique to the Web Access Management market. By closely aligning access control and reporting with regulatory requirements (such as Sarbanes-Oxley, PCI, HIPAA, and FCC CPNI), the maXecurity products make it easy to expand your IT service offerings. The ability to export these reports into analysis tools such as Excel or other Business Intelligence reporting systems streamlines the security, performance, and process monitoring of your IT infrastructure.

Built-In reports include:

• Access Violations
• Entitlements
• Administrative Activity

Streamlined Auditing Process

The maXecurity products' auditing functions are segregated from other administrative accounts, allowing for increased efficiencies. For example, companies can assign an account for an auditor, who can generate desired reports, on-demand, without involving members of the IT staff. This saves time and money. Auditors can add and remove colleagues through their own administrative interface (these activities are logged as well). The Auditor accounts are restricted to running reports, in a "read only" mode, which maintains security and compliance standards.

Access Violations Report

A key analysis for threat management is the ability to see failed attempts to access web-based systems. In addition, several regulatory bodies now require companies to show proof that attempts can be monitored. The maXecurity products track violations and have built-in tools to view, print, filter, and export the data in standard formats. The following screenshot shows the reporting interface and the result of an access violations report.

Click to enlarge

Entitlements Report

Another major compliance requirement is the need to review both “who has access to an application” as well as “what applications a person has access to”.

The maXecurity products support generating both entitlement reports with a single click. All reports are easily exportable into an industry standard format for use in external analytical tools. The following screenshot shows the two entitlement reports, exported to Excel for further analysis.

Click to enlarge

Administrative Activity Report

By restricting access to various web pages, the maXecurity products prevent unauthorized users from accessing protected resources.

The maXecurity products log and report all administrative activity. As part of public companies' need to document and track all changes to an IT infrastructure, the maXecurity products' administrative interface allows each activity to be optionally tagged with a ticket or reference number, relating to an external ticketing system. Activity reports show all ticket information so that changes can be easily traced back to the original request and/or justification.

The following screenshot shows this type of report in a "printer-friendly" manner, useful for archiving hard copies of reports.

Click to enlarge

For additional compliance information, click here.