BindView Offers Free Compliance Assessment Download to Evaluate Audit Readiness; Software Provides Quick and Easy Snapshot View of Compliance Posture.HOUSTON -- Helping enterprise organizations to more quickly and easily evaluate their state of audit readiness, BindView Corp. (Nasdaq:BVEW BVEW Binary View ) announced today the availability of a free downloadable Compliance Assessment Tool (BVCAT). The new tool provides a snapshot compliance evaluation by combining a question-based survey about internal policies with automated assessments of technical configuration criteria. Following completion of the BVCAT evaluation, an assessment report outlines weaknesses in the organization's compliance posture that could potentially lead to negative audit findings. BVCAT offers an initial measurement of an organization's compliance audit readiness against major industry regulations including Sarbanes-Oxley, FISMA FISMA Federal Information Security Management Act of 2002 FISMA Federal Information System Management Act , GLBA GLBA Gramm-Leach-Bliley Act of 1999 (Financial Modernization Act of 1999) GLBA Gay and Lesbian Business Association GLBA Great Lakes Booksellers Association GLBA Glacier Bay National Park and Preserve , Basel II Basel II is the second of the Basel Accords, which are recommendations on banking laws and regulations issued by the Basel Committee on Banking Supervision. The purpose of Basel II is to create an international standard that banking regulators can use when creating regulations and PCI (1) (Payment Card Industry) See PCI DSS. (2) (Peripheral Component Interconnect) The most widely used I/O bus (peripheral bus). . It also provides a qualitative and quantitative picture of the environment, along with an assessment of its compliance posture relative to specific regulations. The free download includes both survey and measurement components. The 10-question, five-minute survey checks for policies and processes commonly scrutinized by auditors that are outlined in prominent frameworks including COBIT (Control OBjectives for Information and related Technology) A business-oriented set of standards for guiding management in the sound use of information technology from the Information Systems Audit and Control Association (ISACA) (www.isaca.org). , FFIEC FFIEC Federal Financial Institutions Examination Council and NIST (National Institute of Standards & Technology, Washington, DC, www.nist.gov) The standards-defining agency of the U.S. government, formerly the National Bureau of Standards. It is one of three agencies that fall under the Technology Administration (www.technology. SP 800-53, among others. The measurement examines more than 60 discrete configuration elements or checks on a single representative system, evaluating IT controls and providing a technical assessment into overall audit readiness. "BVCAT is much like a home cholesterol test Cholesterol Test Definition The cholesterol test is a quantitative analysis of the cholesterol levels in a sample of the patient's blood. Total serum cholesterol (TC) is the measurement routinely taken. for compliance professionals," said BindView Vice President of Field Marketing Chris Smith. "It tests a small but significant set of indicators surrounding the overall health of the IT infrastructure, which represents its compliance posture. While poor test results may not necessarily indicate poor health -- or non-compliance -- it's an excellent early indicator of potential problems to come." For more information or to run the compliance assessment please visit: http://www.bindview.com/bvcat/. Evaluating BVCAT Results BVCAT uses more than 60 discrete configuration elements or checks which divide baseline measurement criteria into three categories: Log Auditing: Evaluates whether system logs are appropriately enabled and configured to record information. Assesses if there is a sufficient audit trail of account logon events so that each time a user logs on the system there is a record entered into the log. Restricted Access: Assesses user permissions to sensitive system data and resources, evaluating whether appropriate approvals are assigned for shutting down or changing system dates and times. Dangerous Services: Reviews commonly exploited services including Telnet, Messenger, SNMP (Simple Network Management Protocol) A widely used network monitoring and control protocol. Data are passed from SNMP agents, which are hardware and/or software processes reporting activity in each network device (hub, router, bridge, etc. , Alerter and ClipBook services and evaluates whether these are either disabled or severely restricted. About BindView BindView Corporation is a global provider of IT security compliance software. BindView solutions remove barriers that limit an organization's ability to cost effectively demonstrate due care and maintain compliance with IT security policies and regulatory mandates. BindView policy compliance; vulnerability and configuration management; and directory and access management software combine best-practices knowledge with automated controls to reduce risk and protect IT assets at the lowest cost across users, systems, applications and databases in multi-platform environments. More than 20 million licenses have shipped to 5,000 companies worldwide, spanning all major business segments and the public sector. Contact BindView via e-mail at info@bindview.com, on the web at http://www.bindview.com, and at 1-713-561-4000 or 1-800-749-8439. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion