In-Depth
Teaming Identity Management with Auditing
Novell's Nsure Audit helps you comply with government regulations, organizational policies
As new government regulations emerge—specifying everything from instant messaging retention periods (three years for securities firms) to the consequence of unauthorized disclosure of personal information (see separate story on California's new privacy law)—companies need to shore up not only their real-time defenses but also their ability to find out what’s happened.
As a result, "consolidated auditing and reporting across all infrastructure components, including network, application, and identity management, is becoming increasingly important for enterprises,” says Burton Group analyst Gerry Gebel. “The ability to monitor, track, and evaluate how access rights are being used is a necessity to meet government regulations and mandates for proper corporate oversight."
To help organizations manage both their compliance with government regulations, as well as internal security policies, Novell released Nsure Audit, secure logging and auditing software for tracking and monitoring internal, security-related activity.
Novell Nsure Audit collects security, system, and application event data, stores it in a centralized log, then filters the information, providing real-time monitoring and trigger notifications. The program also includes report-generating capabilities and integrates with Nsure, Novell’s identity management software.
"Government regulations [such as] Sarbanes-Oxley are requiring organizations to demonstrate better control and accountability of information access for employees, partners, and customers," notes Dave Lawrence, vice president of Novell Nsure solutions. “Novell Nsure Audit makes it possible to extract a record of the transactions within their systems, helping companies identify when business policies are being violated or when users gain excessive levels of access that put them in a position to violate policies."
By using and tracking identity management software, organizations can determine a baseline of what’s normal, then monitor long-term system access and usage patterns. In addition, software such as Nsure can capture a non-repudiative audit trail. While that’s useful for forensic analysts to piece together what did or didn’t happen during an intrusion, it’s also mandatory if a company wants to press charges and get such information introduced as evidence in court.
About the Author
Mathew Schwartz is a Contributing Editor for Enterprise Systems and is its Security Strategies column, as well as being a long-time contributor to the company's print publications. Mr. Schwartz is also a security and technology freelance writer.