CobiT was first released in 1996 with a mission to “research, develop, publicize and promote an authoritative, up-to-date, international set of generally accepted information technology control objectives for day-to-day use by business managers and auditors.” CobiT acts as an information standard and helps the business to gain a better understanding of its IT systems, providing measures, indicators and best practices to help develop appropriate levels of security and control in order to protect the organization.
The Business Challenge
Although CobiT can provide a foundation on which to base IT related decisions, organizations still need to identify the IT control issues within their infrastructure. Key challenges include:
- Ensuring that by implying ‘best practice’ controls your organization also meets its own industry regulations
- Identifying the appropriate levels of security and control for the business
- Enabling adequate monitoring and reporting of security information in order ascertain the effectiveness of any security and control policy
The Safestone Solution
Safestone’s Security Manager is a modular and integrated approach that can help define, manage and report on security policy compliance enabling future audits to be passed simply, quickly and efficiently.
Security Audit & Detection can help management find the right direction for developing compliance policies by converting raw System i data into relevant security information and instantly notifying any regulatory non-compliance or security issues.
Risk & Compliance Monitor has market-leading specific reporting tools and features that enable the organization to provide detailed auditing and thereby design policies accordingly. Reports can immediately identify compliance vulnerabilities and can be scheduled to run in line with overall security policy.
Ensuring that critical data sources held on the System i are protected is a key part of compliance. Without adequate controls unauthorized staff may gain access to sensitive information and use it to their advantage. Network Traffic Controller ensures that only the right personnel can actually access and use specific data.
Multiple Systems Administrator allows you to centralize administration of networked System i servers and partitions through a single point of control. Deployment and administration costs are significantly reduced, while resources are optimized and consistency is assured
Controlling the user lifecycle can significantly enhance security and User Profile Manager provides flexibility to easily manage profiles and passwords across System i. In addition the inability of a user to perform their IT functions because of profile or password issues is a situation that must be avoided. Password Self Help enables users to reset their own passwords without the need to call the Help Desk.