ISO 27001 compliance requires the aggregation of event data from multiple systems and the security management of sensitive assets within an organization.
Logsign aggregates system, network and audit logs from various sources. These can be firewalls, routers, IDS/IPS, network devices, Windows, Linux/Unix, databases, VMware ESX, mail servers, web servers and more. Logsign allows you quickly review on critical asset information that are required for ISO 27001 compliance and increase awareness of potential security risks, vulnerabilities and threats in your organization.
Logsign delivers essential security controls to achieve ISO 27001 compliance.Critical security information is visualized. Security incidents and, threats are made visible in high-level reports and dashboards for real time reviews. These include file integrity monitoring, collection of account management activities and audit logs. Continuous security monitoring quickly detects policy violations, malicious activities targeting sensitive assets and changes in critical files. Customization of report templates ensures that users can easily generate and distribute relevant reports in various formats (PDF, e-mail, etc.) for regulatory compliance.
ISO 27001 is the management framework that follows the Four-Stage Process Cycle known as Plan-Do-Check-Act for information security controls. This aims to improve the Information Security Management System (ISMS) within the context of organization's overall business risks. Log collection, management and analysis are complementary along ISO 27001 guidelines. To fulfil ISO 27001 requirements organizations need to provide confidentiality, integrity and availability concepts of information assets.
ISO 27001 standard specifies and elaborates on following key elements. Information below explains how Logsign examines ISO 27001 compliance requirements.
Logsign performs tracking of specific security tasks and stores log information related to security incidents and metrics. Logsign also tracks alarm status and delegates it to someone when it's current state changes.
Logsign collects all account management events and tracks access rights of all employees. Activities such as User login, deny, delete or disable are retained and reported by the platform.
Logsign monitors, collects and analyzes physical access data of identity cards or any other devices to be used for entrance to and exit from a secure environment.
Logsign helps evaluate information assets according to confidentially, integrity and availability concepts. With file integrity monitoring modifications, deletions, permission changes, additions to the file system can be made visible via reports and dashboards. Logsign monitors system operations and detects unauthorized changes to the system. Information on disk volume status, CPU utilization and other hardware performance can be monitored. Accordingly notifications and real-time alerts for abnormal changes and configurations will be triggered. Logsign collects logs from various sources such as network devices, hosts, firewalls IDS/IPS systems and other security devices. These are made visible in reports and, dashboards but also actionable with alarms against malware, virus and other security attacks. Email and audit trail logs are also collected, analyzed and reported to meet confidentially, integrity and availability requirements for all information assets.
Logsign can monitor the entire process of account management and account usage activity such as user account deletion/creation, privileged changes, access escalation, hosts, password changes and VPN usage. File integrity monitoring provides review on file permission changes, detected access and use of utilities. Whenever unauthorized activity is detected, reports and alerts ensure awareness about these abnormal activities.
Logsign is fully deployed with file integrity monitoring. This helps to review various information such as access, modifications, permission changes to the file system and configuration but also performance of operational software changes.
Logsign enables security event management with reports and alarms to review vulnerabilities in the IT architecture and provides a complete record of incident classification.
Logsign collects, classifies, normalizes and analyzes the logs and creates reports and dashboards to review events in real time. When problems are detected, Logsign takes action, monitors, reports the risk, creates an alarm in real time, and sends notification to the administrator.
Logsign’s analyzing and reporting ability can be used for monitoring configuration changes. Automated auditing of data integrity, availability and confidentiality facilitate organization's regulatory compliance with security policies.