FISMA

FISMA /NIST 800-53 The Federal Information Security Management Act of 2002 (FISMA) is a US federal law initiated to bolster computer and network security within the Federal Government and affiliated parties (i.e. government contractors).

The Business Challenge

Within the FISMA Act are special NIST 800-53 guidelines on how organizations should implement security controls and provides a management framework of IT controls which can be implemented as policy and assessed accordingly for compliance. They include:

The Safestone Solution

Safestone’s Security Manager is a modular and integrated approach that can help define, manage and report on security policy compliance enabling future audits to be passed simply, quickly and efficiently. This, the very latest in compliance and audit software, can remove the burden of documentation, reduce IT costs and streamline the complete reporting process for companies looking to pass or continue their FISMA compliance audits.

Adequate controls need to be implemented on the System i to maintain the reliability of corporate data and to provide assurance that the data is trustworthy. Security Audit & Detection puts controls in place and prevents data being manipulated and corrupted.

With Risk & Compliance Monitor organizations can immediately identify policy compliance vulnerabilities across System i and automatically run reports.

Without adequate controls, unauthorized staff may gain access to sensitive information and use it to their advantage. Network Traffic Controller ensures that only the right personnel can actually access and use specific data.

Multiple Systems Administrator allows you to centralize administration of networked System i servers and partitions through a single point of control. Deployment and administration costs are significantly reduced, while resources are optimized and consistency is assured

Controlling the user lifecycle can significantly enhance security and User Profile Manager provides flexibility to easily manage profiles and passwords across System i. In addition the inability of a user to perform their IT functions because of profile or password issues is a situation that must be avoided. Password Self Help enables users to reset their own passwords without the need to call the Help Desk.