
White Paper

Using PowerBroker Servers for Compliance with GLBA (Gramm-Leach-Bliley Act)


March 2011

Abstract

This paper explains how BeyondTrust PowerBroker Servers supports compliance with the Gramm-Leach-Bliley Financial Services Modernization Act of 1999 (GLBA), protecting consumers' non-public personal information (NPI) on UNIX and Linux systems.

www.beyondtrust.com
Corporate Headquarters 2173 Salk Avenue Carlsbad, California 92008 Phone: +1 818.575.4000

Table of Contents
Introduction .......................................................... 3
PowerBroker Servers Features and Functionalities ...................... 4
How PowerBroker Servers Works: Architecture and Components ............ 4
PowerBroker Servers Features .......................................... 8
PowerBroker Servers and GLBA Compliance .............................. 10
Best-Practices Security and ISO 27002 Mapping ........................ 10
Preparing for a GLBA Audit ........................................... 14
Maintaining Compliance and Safe Harbor Protection .................... 15
Conclusion ........................................................... 16
Notes and Citations .................................................. 17

PowerBroker Servers and GLBA Compliance

2010. BeyondTrust Software, Inc.

Introduction
The Gramm-Leach-Bliley Act (GLBA) was passed to safeguard the private consumer information that banks and financial services companies collect or receive. "Financial services company" is broadly defined to include any company that handles consumers' nonpublic personal financial data and personally identifiable information (PII). This has enabled enforcement against violators not usually considered financial services firms; for example, the FTC has brought enforcement actions against car dealerships, a primary target of identity thieves.

To comply with GLBA, every financial institution must create and implement a written information security plan for the protection of customer data. This plan's goal is compliance with GLBA's Privacy Obligation Policy, while the establishment of customer financial data protection measures is the goal of GLBA's Financial Institutions Safeguards. Both state security objectives, but neither gives clear direction on how those objectives are to be achieved. Demonstrating compliance becomes a complex issue at implementation, audit, and enforcement, since each of a number of federal and state agencies is tasked by GLBA with developing appropriate but different standards for assessing GLBA compliance among the financial entities under its jurisdiction (see page 5 for a table showing which regulation is enforced by which agencies on which types of financial entity).

This paper focuses on compliance with the FTC's Safeguards Rule because the FTC has jurisdiction over all non-bank financial institutions, and because it has pursued enforcement actions involving many highly publicized breaches (such as that involving shoe retailer DSW, Inc.). However, the description of how PowerBroker Servers secures private consumer information holds true for all regulations developed to enforce GLBA, regardless of industry, and for other data privacy mandates, such as PCI DSS.
Adding further support for GLBA enforcement, in December 2007 Deloitte & Touche USA and the Ponemon Institute released a study on data breaches involving personally identifiable information (PII). They found that 85% of enterprises have experienced at least one reportable security incident in the past year, with 63% reporting between 6 and 20 breaches involving PII. Rena Mears, Deloitte global and US privacy and data protection leader, said she was "shocked by the high percentage of PII data breaches we're seeing occur within organizations. This survey provides insight into the scale of the problem and how enterprises are struggling to respond. It's clear that both privacy and security professionals are caught in a reactive cycle."


BeyondTrust PowerBroker Servers acts as an access control mechanism in an organization's heterogeneous UNIX/Linux environment in support of GLBA compliance. Its highly granular access control, delegation of privilege, encryption of data in motion, and scalability all support GLBA compliance, and it embodies best-practices security as defined in ISO 27002.

The ability to control and selectively delegate root and other administrative privileges on UNIX and Linux systems, and to log the actions of individuals, is central to GLBA compliance. Native UNIX and Linux systems do not log the actions of individuals who use shared privileged accounts such as root, so they cannot provide the individual accountability that compliance regulations require. Nor do they prevent anyone holding root from altering or deleting the local logs and audit trail, so all evidence of that person's actions can be erased. Separation of duties (SOD), required by GLBA and most other compliance regimes, is impossible without the ability to delegate and log activity at the individual level.

PowerBroker Servers provides logs of individual activity down to the keystroke level, as well as an Entitlement Report that gives auditors a baseline for determining accountability. Log data can be encrypted and stored on a separate host, away from unauthorized access. PowerBroker Servers can therefore be the cornerstone of a GLBA compliance plan for UNIX and Linux systems, where the most sensitive customer data maintained by large enterprises typically resides. Deploying it also supports the risk management plan and compliance with other data privacy regulations and standards, such as HIPAA, PCI DSS, and the European Data Privacy Act.

PowerBroker Servers Features and Functionalities

How PowerBroker Servers Works: Architecture and Components
PowerBroker Servers lets root authority be delegated or partitioned without compromising root security. PowerBroker Servers does this by binding specific root-level tasks to UNIX or Linux user IDs, so system administrators can complete these tasks without knowing the root password. By preventing unauthorized access, PowerBroker Servers secures personally identifiable information and prevents the deletion of logged events and audit trails. PowerBroker Servers lets the system administrator specify whether, under what conditions, and when a user's request to run a program will be accepted or rejected. This granular control of authorization is achieved through PowerBroker Servers' policy language.


With PowerBroker Servers, administrative tasks such as adding new users can be delegated to individuals or groups at a granular level. PowerBroker Servers also grants user access to files, directories, and third-party applications and accounts (such as database, SAP, or generic accounts). It authorizes users to perform the root actions for which they are responsible, but no other commands or programs requiring the root account.

With PowerBroker Servers, the user requests that a program be run as root (or as another privileged UNIX or Linux account, such as dba on Oracle). If the request is accepted, PowerBroker Servers runs the program locally or across the network on the user's behalf. By letting system administrators delegate administrative privileges and authorization without disclosing the root password, PowerBroker Servers enables selective access to UNIX- and Linux-based corporate resources while protecting the root account from unauthorized use.

The PowerBroker Servers policy scripting language lets administrators restrict user actions to only specified applications, commands, or files. Its logs and reports, including keystroke logs and Entitlement Reports, provide the data auditors need. Together these meet the two basic requirements of compliance: security and accountability. Privilege delegation, customized to an organization's needs through policy scripts, provides proactive security, keeping personally identifiable information out of sight and out of reach.

The PowerBroker Servers architecture is compatible with existing network architectures and security devices, including firewalls and routers. A typical PowerBroker Servers configuration consists of four software modules: pbrun, pbmasterd, pblocald, and pblogd.


User task submission: pbrun. All secured tasks must be submitted through pbrun. A separate pbrun process is started for each secured task request that is submitted. If the use of pbrun is not enforced for secured tasks, the organization's security policy implementation can be bypassed.

Security policy file processing: pbmasterd. pbmasterd applies the security rules defined in the PowerBroker Servers security policy files. It performs security verification processing to determine whether to accept or reject a request, based on these rules. If a request is rejected, the result is logged and processing terminates. If a request is accepted, it is passed to pblocald for execution.

Task execution: pblocald. pblocald executes task requests that have passed security verification processing. As soon as a task request has been accepted, it is passed from pbmasterd to pblocald. By default, pblocald executes the task request as the account specified in the policy variable runuser, typically root or another administrative account. All task input and output is relayed back to the pbrun component. In addition, pblocald logs pertinent task information to the PowerBroker Servers Event Log via pbmasterd or pblogd, depending on how PowerBroker Servers has been deployed. The Run Host can also record task keystroke information to a PowerBroker Servers I/O Log.

Logging: pblogd. pblogd is an optional PowerBroker Servers component that writes Event Log and I/O Log records. If pblogd is not installed, pbmasterd writes log records directly to the appropriate log files rather than passing them to pblogd; in that case pbmasterd must wait for the pblocald process to complete. If pblogd is used, pbmasterd terminates once task execution starts and pblocald sends its log records directly to pblogd. Using pblogd optimizes PowerBroker Servers processing by centralizing the writing of log records in a single, dedicated component and eliminating the need for the pbmasterd process to wait for task execution to complete.

The machine from which a task is submitted is the Submit Host. A secured task request must undergo security validation processing by pbmasterd before it is allowed to run; the machine on which security policy file processing takes place is the Master Host. The machine on which a task is actually executed is the Run Host. The log server daemon pblogd writes Event Log and I/O Log records on the Log Host.

PowerBroker Servers settings file: pb.settings. Although PowerBroker Servers provides strong root and command delegation, it is also highly customizable. This begins with the pb.settings file, which lists parameters that can be defined to best suit an organization's security policy. These parameters are stored on each machine in the /etc/pb.settings file. They include:

Masters: Allows administrators to define the PowerBroker Servers master servers from which a host requests permissions, or whose requests it accepts.

Log Servers: Allows administrators to define a single, central server to consolidate all PowerBroker Servers Event and I/O Logs.

Logging: Allows the administrator to define the filenames where various data will be logged, including Event Logs, I/O Logs, and Error Logs.

Encryption: Enables DES or 3DES encryption of all PowerBroker Servers communication among submitting machines, the PowerBroker Servers Master server, and executing machines. All policies and log files can also be encrypted, further securing PowerBroker Servers authorization. Some 30 encryption options are supported; single DES is no longer considered adequate, so a stronger option should be selected. NPI, such as customers' credit-card numbers, is encrypted in motion by default.

SSL: Administrators can enable public-key infrastructure support, using SSL for certificate and key management.

Kerberos: PowerBroker Servers can use Kerberos to authenticate its components and to exchange encryption-key information.

Firewalls: PowerBroker Servers can operate in highly secure environments where firewalls are used to separate clients and servers.
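The request flow described above, as an added illustration in Python. This is constructed for this page and is not BeyondTrust code, nor the PowerBroker policy language: a Request stands in for what pbrun submits, Master for pbmasterd's accept-or-reject decision, fake_executor for pblocald (it only formats the command instead of running it as runuser), and EventLog for pblogd on the Log Host. The users, hosts, commands and rules are made up. What it shows is the property the paper relies on throughout: nothing runs unless a rule explicitly accepts it, every decision including rejections reaches the log under the individual's own ID rather than the shared runuser, and the entitlement report lists exactly who may run what as whom.

```python
# Toy model of the PowerBroker Servers request flow: pbrun (Submit Host) ->
# pbmasterd (Master Host, deny-by-default policy) -> pblocald (Run Host, runs
# the task as runuser) -> pblogd (Log Host).  Constructed illustration only.
from dataclasses import dataclass, field
from fnmatch import fnmatch
from typing import Callable, Dict, List, Optional, Tuple

@dataclass(frozen=True)
class Request:
    """What pbrun submits: the individual's own ID, never a shared account."""
    user: str
    submithost: str
    command: str                       # resolved path of the program to run
    argv: Tuple[str, ...] = ()

@dataclass(frozen=True)
class Rule:
    """One accept clause: who may run which programs, as whom, from where."""
    users: frozenset
    commands: Tuple[str, ...]          # glob patterns on the program path
    runuser: str                       # account the task actually runs as
    submithosts: Tuple[str, ...] = ("*",)
    iolog: bool = False                # record keystrokes for this task

@dataclass
class EventLog:
    """Stand-in for pblogd: an append-only record kept on a separate Log Host."""
    records: List[Dict] = field(default_factory=list)

    def write(self, req: Request, decision: str, rule: Optional[Rule]) -> None:
        self.records.append({
            "user": req.user,              # the individual, for accountability
            "submithost": req.submithost,
            "command": req.command,
            "argv": list(req.argv),
            "decision": decision,
            "runuser": rule.runuser if rule else None,
            "iolog": bool(rule and rule.iolog),
        })

class Master:
    """Stand-in for pbmasterd: the first matching rule accepts; no match rejects."""

    def __init__(self, rules: List[Rule], log: EventLog) -> None:
        self.rules = rules
        self.log = log

    def evaluate(self, req: Request) -> Optional[Rule]:
        for rule in self.rules:
            if (req.user in rule.users
                    and any(fnmatch(req.command, c) for c in rule.commands)
                    and any(fnmatch(req.submithost, h) for h in rule.submithosts)):
                self.log.write(req, "accept", rule)
                return rule
        self.log.write(req, "reject", None)   # rejections are logged too
        return None

def fake_executor(runuser: str, command: str, argv: Tuple[str, ...]) -> str:
    """Stand-in for pblocald; a real Run Host would exec the program as runuser."""
    return f"[{runuser}] {command} {' '.join(argv)}".rstrip()

def submit(req: Request, master: Master,
           execute: Callable[[str, str, Tuple[str, ...]], str] = fake_executor
           ) -> Tuple[str, Optional[str]]:
    """The pbrun path: ask the master, then run only if a rule accepted."""
    rule = master.evaluate(req)
    if rule is None:
        return "reject", None
    return "accept", execute(rule.runuser, req.command, req.argv)

def entitlement_report(rules: List[Rule]) -> Dict[str, List[Tuple[str, str]]]:
    """Who may run what as whom: the baseline an auditor reviews."""
    report: Dict[str, List[Tuple[str, str]]] = {}
    for rule in rules:
        for user in rule.users:
            for cmd in rule.commands:
                report.setdefault(user, []).append((cmd, rule.runuser))
    return {u: sorted(v) for u, v in sorted(report.items())}

# Constructed policy: two individuals, two delegated tasks, nothing else.
POLICY = [
    Rule(frozenset({"alice"}), ("/usr/sbin/useradd", "/usr/sbin/usermod"),
         runuser="root", iolog=True),
    Rule(frozenset({"bob"}), ("/opt/oracle/bin/sqlplus",),
         runuser="oracle", submithosts=("db-*",)),
]

def demo() -> Tuple[List[Tuple[str, Optional[str]]], EventLog]:
    log = EventLog()
    master = Master(POLICY, log)
    requests = [
        Request("alice", "web-01", "/usr/sbin/useradd", ("-m", "carol")),  # delegated
        Request("bob", "db-02", "/opt/oracle/bin/sqlplus", ("/nolog",)),   # runs as oracle
        Request("bob", "web-01", "/opt/oracle/bin/sqlplus"),               # wrong host
        Request("alice", "web-01", "/bin/bash"),                           # never delegated
    ]
    return [submit(r, master) for r in requests], log
```

Calling demo() submits the four constructed requests: the first two are accepted and "run" as root and oracle respectively, the third is rejected because bob's rule is limited to db-* submit hosts, and the fourth is rejected because no rule delegates a shell at all. All four appear in the log under alice or bob, which is the accountability point the su oracle example later in the paper is about; entitlement_report(POLICY) is the baseline an auditor would compare that log against.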


PowerBroker Servers Features


PowerBroker Servers has established itself as a complete solution for centralized authorization management across a network of UNIX and Linux hosts. It runs on many different UNIX and Linux operating systems without modifying the kernel or requiring any binary replacement or system reboot.

PowerBroker Servers provides a secured way to let users access multiple accounts, rather than having them use the su (switch user) command and requiring them to remember multiple passwords, while creating an audit trail of each user's activity. Suppose a user runs su oracle and, as the oracle account, edits some files. The Oracle administrator does not know which of the people who hold the oracle password has su'ed to oracle, or which tasks that user performed as oracle. Forcing pbrun oracle instead secures the Oracle administrative account, enabling many types of password authentication, logging, and privilege delegation, while providing user accountability.

Non-intrusive to operating system. PowerBroker Servers is non-intrusive to UNIX and Linux operating systems. No kernel rebuild or system reboot is required after installation. PowerBroker Servers does not replace any binaries, but does modify /etc/services (to designate port numbers), /etc/inetd.conf, and the xinetd configuration (where daemons start up). If an organization does not use these locations for ports or daemons, PowerBroker Servers will use whatever location the organization uses. PowerBroker Servers reduces the risk of accidental damage, theft of digital assets, or malicious activities without altering or disrupting the operating system, a practice that can violate software and systems warranties. Third-party UNIX software vendors often place files and programs throughout a UNIX system; conflicts then arise between the new software package and existing applications, and UNIX operation is impaired. PowerBroker Servers does not affect the UNIX kernel or other software applications.

Native Installers. PowerBroker Servers provides native install bundles for Solaris, Linux, HP-UX, and AIX systems, to facilitate installation of PowerBroker Servers 5.0 across large heterogeneous environments. Administrators can automatically deploy PowerBroker Servers to multiple servers from a remote location, reducing the time and cost associated with having to deploy licenses locally in several of an organization's locations. These bundles also track the installation process.


Centralized Administration and Failover Capabilities. PowerBroker Servers allows IT professionals to centrally manage complex heterogeneous environments from a single server. Central administration enables cost-effective and consistent security management for diverse machines across local, national, or global networks. Since all policy files are controlled through a central server, access is centrally administered: even if a client is compromised, the PowerBroker Servers policy and configuration cannot be modified from that client. PowerBroker Servers has a specialized client/server architecture, with failover servers that provide fault tolerance and load balancing for continuous availability. Configuration settings provide for redundant Master Hosts, eliminating a single point of failure. The redundant Master Hosts can be positioned throughout the network so they can respond to local authorization requests. This is especially valuable to an organization with a large WAN or global presence, where a lapse in network connectivity could impact usage.

Centralized log pooling. PowerBroker Servers collects and stores logs from multiple servers on one PowerBroker Servers server, enabling administrators to review and manage logs from a centralized location. Log pooling lets administrators discover anomalies sooner, and also reduces the administrative overhead associated with log review.

Web-based GUI. PowerBroker Servers comes with a web-based graphical user interface (GUI) that provides a user-friendly alternative to administering PowerBroker Servers from a UNIX command line. From the GUI, authorized users can create and modify policy files, edit the PowerBroker Servers settings file, view Event Logs, replay keystroke logs, and create and run Log and Entitlement Reports. (The screen shot of the PowerBroker Servers GUI "Edit Settings File" page is not reproduced here.)

Large file system support. To ensure complete logging, PowerBroker Servers supports large file systems. BeyondTrust recommends that you regularly rotate your logs for better manageability.

Quick Deployment, Quick Results. PowerBroker Servers is quick to deploy, and even a large deployment can be done without Professional Services. Logs and reports are available immediately.


PowerBroker Servers and GLBA Compliance


Why is Controlling Superuser Privileges Central to GLBA Compliance?

"...Unix lacks a simple and scalable model for administrative delegation. Organizations that allow root logins to mission-critical UNIX servers run unnecessary risks." So ends the summary of Gartner's report on the need to control UNIX superuser privileges. Any organization implementing a GLBA or FTC Safeguards Rule compliance initiative in an environment where customer NPI is hosted on UNIX or Linux systems must come to terms with this reality.

First, UNIX and Linux administrator accounts are shared accounts, and as such are inherently insecure. This lack of security can result from individuals being given greater privilege than they need to do their work, or from security weaknesses unanticipated when UNIX first came into use, such as the ability to escape from an suid shell script to the root account with its unlimited privilege.

Second, GLBA requires two conditions that can only be met if each user has an individual ID:

Accountability: All compliance mandates require accountability, which in turn requires individual IDs. Without them, auditing requirements cannot be met, because an individual who has abused his access privileges cannot be identified and controlled. Even in a world without compliance mandates, individual accountability would be a necessary tool for risk management in any organization.

Segregation of Duties (SOD): "Segregation of duties is an internal control element of compliance programs because it mitigates errors and opportunities for corporate fraud. For example, users who create data don't have permissions to process their data, and developers don't have permissions to work with client-facing production systems." But segregation of duties with the granularity needed to meet compliance regulations cannot be achieved without individual IDs.

Best-Practices Security and ISO 27002 Mapping


Gartner suggests that "organizations should map their IT controls to industry-recognized control frameworks . . . or to security best-practices standards . . . to gain the strongest defensive position with respect to external auditors." Many security experts think pursuing best-practices security is a faster, more comprehensive way to achieve compliance than trying to back out security policies from compliance regulations.


The following table shows how PowerBroker Servers maps to ISO 27002, "a set of information security controls describing best practices in information security." Each entry gives the ISO 27002 reference number and control statement, followed by the PowerBroker Servers mitigating control for GLBA compliance.

6.2  External Parties: Any access to the organization's information processing facilities and processing and communication of information by external parties should be controlled. Controls should be agreed upon and defined in an agreement with the external party.
     PowerBroker Servers: Provides a means to enforce IT controls to limit the risk of third parties accessing an organization's information assets.

7.1.3  Acceptable use of assets: Rules for the acceptable use of information and assets associated with information processing facilities should be identified, documented, and implemented.
     PowerBroker Servers: Accountability under acceptable-use policies is reinforced through event log audit reporting and keystroke recording of access to the assets and resources.

8.3.1  Termination responsibilities: Responsibilities for performing employment termination or change of employment should be clearly defined and assigned.
     PowerBroker Servers: Users may be disabled by removing their memberships in groups as part of a group profile definition.

8.3.3  Removal of access rights: The access rights of all employees, contractors and third-party users to information and information processing facilities should be removed upon termination of their employment, contract or agreement, or adjusted upon change.
     PowerBroker Servers: Access rights for UNIX users can be controlled automatically by modifying memberships in groups as part of a group profile definition.

10.1.4  Separation of development, test, and operational facilities: Development, test, and operational facilities should be separated to reduce the risks of unauthorized access or changes to the operational system.
     PowerBroker Servers: Access by a member of a specific group (or role) may be expressly denied, based on source or destination system.

10.4.1  Controls against malicious code: Detection, prevention, and recovery controls to protect against malicious code and appropriate user awareness procedures should be implemented.
     PowerBroker Servers: Includes an integrity checking function (checksum) to identify altered code that may contain malware (e.g., a Trojan horse) and prevent it from executing. It also checks the file's owner and permissions.

10.6.1  Network controls: Networks should be adequately managed and controlled, in order to be protected from threats, and to maintain security for the systems and applications using the network, including information in transit.
     PowerBroker Servers: Policies can work alongside existing network controls and provide an independent check on some of them.

10.9.2  On-Line Transactions: Information involved in online transactions should be protected to prevent incomplete transmission, misrouting, unauthorized message alteration, unauthorized disclosure, unauthorized message duplication or replay.
     PowerBroker Servers: Digital certificates are supported for securing transactional data between endpoints using SSL/TLS. Secured transactions meet the requirements of ISO 27002 par. 10.9.2 (c)-(f).


10.10.1  Audit logging: Audit logs recording user activities, exceptions, and information security events should be produced and kept for an agreed period to assist in future investigations and access control monitoring.
     PowerBroker Servers: Records rejected attempts at unauthorized access to data, and failed authentication attempts. Audited events meet the requirements of ISO 27002 par. 10.10.1 (a)-(j).

10.10.4  Administrator and operator logs: System administrator and system operator activities should be logged.
     PowerBroker Servers: Extensive event logging, as well as optional keystroke recording of access to sensitive information during terminal sessions, is provided for any delegated task controlled by PowerBroker Servers. This includes any command-line utilities protected by PowerBroker Servers, such as user provisioning and password commands. Logging of system administrator and operator events meets the requirements of ISO 27002 par. 10.10.4 (a)-(d).

11.1.1  Access control policy: An access-control policy should be established, documented, and reviewed based on business and security requirements for access.
     PowerBroker Servers: The access-control policy definitions are enforced by the PowerBroker Servers policy language. Implementation guidelines as specified in ISO 27002 par. 11.1.1 (a)-(k) can be enforced.

11.2.2  Privilege management: The allocation and use of privileges should be restricted and controlled.
     PowerBroker Servers: Through PowerBroker Servers policies, users are given the least privilege needed to do their work. Delegation of privileges meets ISO 27002 par. 11.2.2 (b).

11.2.4  Review of user access rights: Management should review users' access rights at regular intervals using a formal process.
     PowerBroker Servers: User access rights are reviewable through entitlement checking or entitlement reporting.

11.3.1  Password use: Users should be required to follow good security practices in the selection and use of passwords.
     PowerBroker Servers: Dissemination and disclosure of passwords are reduced through the granular delegation of privileges.

11.4.2  User authentication for external connections: Appropriate authentication methods should be used to control access by remote users.
     PowerBroker Servers: Can use PAM modules to authenticate users via external authentication, and can also use Kerberos, digital certificates, or SSL to authenticate users.

11.4.5  Segregation in networks: Groups of information services, users, and information systems should be segregated on networks.
     PowerBroker Servers: Network segregation and containment is met through policy language settings for user, group, and host-based filtering.

11.5.1  Secure log-on procedures: Access to operating systems should be controlled by a secure log-on procedure.
     PowerBroker Servers: When a session is begun, PowerBroker Servers invokes the appropriate PAM session management services.

11.5.2  User identification and authentication: All users should have a unique identifier (user ID) for their personal use only, and a suitable authentication technique should be chosen to substantiate the claimed identity of a user.
     PowerBroker Servers: Authentication is supported at both the session and transaction level for terminal-based sessions and applications. Shared or generic accounts are authenticated for each user and can be traced back to that user.


11.5.4  Use of system utilities: The use of system utility programs that might be capable of overriding system and application controls should be restricted and tightly controlled.
     PowerBroker Servers: PowerBroker Servers utilities are protected by UNIX ownership and permissions. Usage is controlled by policy, encryption key, and configuration ACLs. Implementation guidelines meet ISO 27002 par. 11.5.4 (c)-(f).

11.6.1  Information access restriction: Access to information and application system functions by users and support personnel should be restricted in accordance with the defined access-control policy.
     PowerBroker Servers: Access control is enforced by policy.

12.3.1  Policy on the use of cryptographic controls: A policy on the use of cryptographic controls for protection of information should be developed and implemented.
     PowerBroker Servers: Enables encryption of event logs, keystroke logs, and policy files, supporting a wide variety of encryption protocols. Sensitive consumer information can also be encrypted in motion.

12.4.2  Protection of system test data: Test data should be selected carefully, and protected and controlled.
     PowerBroker Servers: Protects test data by expressly allowing or denying access to it, based on source or destination systems. This controls the copying or migration of sensitive data.

13.1.1  Reporting information security events: Information security events should be reported through appropriate management channels as quickly as possible.
     PowerBroker Servers: Supports alerting through other channels (e.g., system calls, syslog) to report information security events.

15.1.5  Prevention of misuse of information processing facilities: Users should be deterred from using information processing facilities for unauthorized purposes.
     PowerBroker Servers: Allows customized messages to be displayed to the user prior to authentication or authorization, to deter misuse of information processing facilities for unauthorized purposes.


Preparing for a GLBA Audit


The Federal Trade Commission enforces the Safeguards Rule, in accordance with the Interagency Guidelines of the Gramm-Leach-Bliley Financial Services Modernization Act (GLBA). "The FTC conducts compliance audits of financial institutions nationwide to make sure they have reasonable protections in place to safeguard customers' sensitive personal and financial information, as mandated by the GLBA's Rule," according to FTC spokesman Frank Dorman. "These institutions pass if they demonstrate that they have implemented the Rule's requirements." The general requirements include that firms assess the risks to sensitive customer information and implement safeguards to control these risks; that they select service providers that can maintain these safeguards; that they issue consumer privacy notices; and that they have proper document disposal procedures.

In the announcements of the consent judgments entered into with retail shoe discounter DSW Inc. and BJ's Wholesale Club, the FTC cited the following data security failures:

1. Storing sensitive information in multiple files when the company no longer had a business need to keep the information;
2. Failure to encrypt consumer information when it was transmitted or stored on computers in company stores;
3. Failure to use readily available security measures to limit access to its computer networks through wireless access points on the networks;
4. Storing the information in files that could be easily accessed using a commonly known or default user ID and password;
5. Failure to limit sufficiently the ability of computers on one in-store network to connect to computers on other in-store and corporate networks; and
6. Failure to employ sufficient measures to detect unauthorized access.

PowerBroker Servers addresses three of these six data security failures in whole or in part:

Item 2. Failure to encrypt consumer information when it was transmitted or stored on computers in company stores. PowerBroker Servers encrypts consumer information in transit through its sessions; encryption of data at rest must be addressed separately.

Item 4. Storing the information in files that could be easily accessed using a commonly known or default user ID and password. PowerBroker Servers can control access with great granularity, and can delegate access rights so that a default or shared ID need not be used.

PowerBroker Servers and GLBA Compliance

Item 6. Failure to employ sufficient measures to detect unauthorized access. PowerBroker Servers can limit the number of access attempts and log all failed access attempts.

PowerBroker Servers' granular access control and policy language let organizations create access controls that proactively prevent many of the causes of data loss, a fact that can be explained to an external auditor when reviewing the UNIX and Linux systems PowerBroker Servers secures. As shown earlier, PowerBroker Servers also supports a number of the ISO 27002 control statements, demonstrating a "good faith" attempt at GLBA compliance through the implementation of best-practices security.

In a December 2007 benchmark research report including responses from more than 450 organizations worldwide, the IT Policy Institute concluded that "only one in ten organizations, 12 percent, are successfully navigating regulatory audit, with fewer than three compliance deficiencies that must be corrected in order to pass audit." Even more compelling for those facing a GLBA or PCI DSS compliance audit, the data showed a remarkably high correlation between regulatory audit and data protection: "almost all, 96 percent, of the firms with the best regulatory compliance results are the firms with two or fewer data losses or thefts in the past year." The time and trouble spent implementing controls that result in a successful audit seem to work as intended, providing strong security for sensitive data.

Maintaining Compliance and Safe Harbor Protection


If achieving compliance is like ramping up a new business, maintaining compliance is like managing ongoing operations in the face of technology change and the ongoing clarification of compliance requirements by the courts. GLBA enforcement has already begun, and more frequent enforcement may follow the wide publicity received by such breaches as that suffered by DSW, Inc. Many security experts think adopting a best-practices approach to security is the most efficient path to compliance, since the thinking behind best practices remains valid and doesn't change that often, not as often as evolving regulations, and certainly not as often as newly invented threats. The strong exclusion-by-default model PowerBroker Servers uses for access control is an example of security best-practices thinking. Because PowerBroker Servers excludes any action not explicitly permitted, it may help organizations exclude threats that have not yet appeared.

A safe harbor is a provision of a statute or regulation that reduces or eliminates a party's liability under the law, on the condition that the party performed its actions in good faith. Once achieved, GLBA compliance must be maintained, since organizations must be able to demonstrate compliance at the time of a breach to exercise the safe harbor clause. By securing personally identifiable information in databases through access control, and personally identifiable information in PowerBroker Servers logs by encrypting those logs, PowerBroker Servers helps merchants demonstrate continuous GLBA compliance and best-practices security, in intent and in fact.

Conclusion
A recent study by the IT Policy Compliance Group found that 88 percent of all companies had more than three compliance deficiencies requiring remediation. Among these organizations, user and application access controls were the leading cause of compliance deficiencies. PowerBroker Servers' highly granular access control addresses this need directly. With PowerBroker Servers, organizations can structure access to satisfy GLBA compliance while creating a best-practices security infrastructure for UNIX and Linux systems.

The FTC says the standards embodied in the Safeguards Rule are intended to "ensure the security and confidentiality of customer records and information; protect against any anticipated threats or hazards to the security or integrity of such records; and protect against unauthorized access to, or use of, such records or information that could result in substantial harm or inconvenience to any customer."

The Deloitte/Ponemon study found that the five types of technology deployed most often, by 55-60% of respondents, provided segregation of duties, intrusion detection and prevention, data classification, and encryption in motion and at rest. PowerBroker Servers enables two of these, segregation of duties and encryption in motion, along with an array of other functionalities to protect private consumer data from insider threat. Through its highly granular delegation of privilege, scalability, and powerful policy language, PowerBroker Servers blocks unauthorized access to consumer financial data, defusing potential threats as mandated by GLBA.

Notes and Citations


1. Enterprise@Risk: 2007 Privacy and Data Protection Survey, Deloitte & Touche LLP USA, December 10, 2007, p. 4.
2. "Study: Breaches of Personal Data Now Prevalent in Enterprises," Tim Wilson, Site Editor, Dark Reading, December 12, 2007.
3. "Controlling UNIX Superuser Privileges Is Critical," Jay Heiser and Ant Allan, Gartner Research, 31 August 2005, p. 1.
4. "Defining Segregation of Duties," Will Kelly, Processor editorial article, November 3, 2006.
5. "Use Vulnerability Management for Controls and Compliance," Mark Nicolett, Paul E. Proctor, and Amrit T. Williams, Gartner Research, 21 July 2006, p. 1.
6. Mike Rothman, President and Principal Analyst of Security Incite, "Avoiding Five Big Auditor Gotchas," September 25, 2007.
7. The ISO 27002 Security Directory, at http://www.27002.net/: "ISO 27002 is of course based upon the 17799 standard, and is described as a set of information security controls describing 'best practices in information security'. This was later republished as ISO17799 (which was again updated in 2005). This in turn became ISO 27002 in 2007."
8. "Financial Institutions and Customer Information: Complying with the Safeguards Rule," the Federal Trade Commission's Facts for Business series, last modified June 8, 2007 (see http://www.ftc.gov/bcp/conline/pubs/buspubs/safeguards.shtm).
9. "FTC's 'Safeguards Rule' Enforcement Illustrates Vital Need For Notary Background Screenings, Training," Nevin Barich, Notary News, National Notary Association, January 5, 2007 (http://www.nationalnotary.org/news/index.cfm?Text=newsNotary&newsID=1098).
10. "Core Competencies for Protecting Sensitive Data: Benchmark Research Report," IT Policy Compliance Group, December 2007, p. 26.
11. "Core Competencies for Protecting Sensitive Data: Benchmark Research Report," IT Policy Compliance Group, December 2007, p. 28.
12. "Core Competencies for Protecting Sensitive Data: Benchmark Research Report," IT Policy Compliance Group, December 2007, p. 33.