Organizations that face regulatory compliance audits for standards such as PCI-DSS, HIPAA, NERC, FISMA and others need to prove that they’ve secured their privileged identities.
That’s because each of these standards requires you to:
- Identify and track the location of privileged account passwords
- Delegate so that only appropriate personnel can access privileged accounts
- Enforce rules for password strength, uniqueness and change frequency
- Audit and alert so that requesters, purpose, duration, and other facts are documented.
ERPM lowers the cost and uncertainty of compliance audits by:
- Discovering and changing all default privileged passwords on each existing, new and changed hardware and software asset
- Maintaining minimum complexity and change frequency standards for all privileged account passwords
- Providing authoritative audit trails of all privileged access requests and all protected systems and applications; and proving that individuals who are terminated or change job roles no longer have access
- Documenting a need-to-know when it comes to each privileged access
To learn more about how our solutions can be applied to your regulatory compliance requirements follow the links below.
Sarbanes-Oxley HIPAA PCI DSS
NERC DIACAP CAG NIST