Organizations that face regulatory compliance audits for standards such as PCI DSS, HIPAA, NERC, FISMA and others need to prove that they’ve secured their privileged identities.
That’s because each of these standards requires you to:
- Identify and track the location of privileged account passwords
- Delegate so that only appropriate personnel can access privileged accounts
- Enforce rules for password strength, uniqueness and change frequency
- Audit and alert so that requesters, purpose, duration, and other facts are documented.
ERPM lowers the cost and uncertainty of compliance audits by:
- Discovering and changing all default privileged passwords on each existing, new and changed hardware and software asset
- Maintaining minimum complexity and change frequency standards for all privileged account passwords
- Providing authoritative audit trails of all privileged access requests and all protected systems and applications; and proving that individuals who are terminated or change job roles no longer have access
- Documenting a need-to-know when it comes to each privileged access
To learn how our solutions can be applied to your regulatory requirements see the table below or click the links at the bottom of the page.
Sarbanes-Oxley HIPAA PCI DSS NERC