News

RSA Readying Sarbanes-Oxley, HIPAA Compliance Package

RSA Security announced Wednesday that it will ship in June a tool to help IT organizations that are already using the company’s event-logging software to comply with new rules required by the Sarbanes-Oxley Act, HIPAA and other regulations.

RSA Reporting & Compliance Manager provides centralized reporting capabilities aimed at helping customers of RSA ClearTrust more easily comply with the security requirements associated with regulations emanating from recently enacted laws. Reporting and Compliance Manager leverages ClearTrust’s logging capabilities to provide auditing and reporting functions that let organizations report on both past and present access policies, and on user behavior, according to a company statement.

The new package features both pre-built and customizable reports. “RSA Reporting & Compliance Manager interprets log events generated by RSA ClearTrust software and provides consolidated, easy to customize, and exportable reports that can help administrators easily answer complex 'who, when, how, and why' audit questions about user access and authorization” the statement says.

The pre-built reports include ones for policy reports that show who has access to information and applications, policy change reports that demonstrate how an access policy changed over time, including the administrators who made the changes, activity reports that identify who accessed what and when, and intrusion reports documenting unsuccessful access attempts.

Reporting and Compliance Manager consists of four main components. The event collector gathers runtime event logs and administrative event logs from other RSA products, including ClearTrust. A report scheduler generates reports at scheduled intervals, while a reporting console provides charting and reporting functions, with drill-down, filtering and reporting customization capabilities. Finally, a compliance database contains report templates, and data generated from running templates, as well as captured log events from other RSA products.

RSA Reporting & Compliance Manager supports Windows, Solaris and Linux platforms, as well as Oracle and Microsoft SQL Server databases (the same versions that RSA ClearTrust supports). Additionally, ClearTrust 5.5.x is required.

About the Author

Stuart J. Johnston has covered technology, especially Microsoft, since February 1988 for InfoWorld, Computerworld, Information Week, and PC World, as well as for Enterprise Developer, XML & Web Services, and .NET magazines.

Featured

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.

  • Report: Security Initiatives Can't Keep Pace with Cloud, AI Boom

    The increasingly fast adoption of hybrid, multicloud, and AI systems is easily outgrowing existing security measures, according to a recent global survey by the Cloud Security Alliance (CSA) and exposure management firm Tenable.

  • World Map Image

    Microsoft Taps Nebius in $17B AI Infrastructure Deal To Alleviate Cloud Strain

    Microsoft has signed a five-year, $17.4 billion agreement with Amsterdam-based Nebius Group to expand its AI computing capabilities through third-party GPU infrastructure.

  • Microsoft Brings Copilot AI Into Viva Engage

    Microsoft 365 Copilot in Viva Engage is now generally available, extending Copilot's AI-powered assistant capabilities deeper into the Viva platform.