System Security – IT Audit Applications for ACL

 2011-10-01

System Security – IT Audit Applications for ACL

System security is the first line of defence against fraud and error but it doesn’t prevent the most determined from undertaking malicious activities. Policing is sometimes the only way to detect breaches of policy or the use of inappropriate settings.

ACL as a power tool can help to perform a battery of tests. Perhaps you want to identify changes to key security parameters, or correlate the various system security logs? Perhaps you want to investigate suspicious activity, e.g. unusual times, frequency and duration to generate leads. Maybe it’s the monitoring of incoming and outgoing activity by IP address that’s important to you?

• Automatically identify inappropriate security settings, or changes to key security parameters
• Correlate distributed security logs and look for suspicious activity (e.g, unusual time, duration, frequency)
• Stratify incoming and outgoing activity by IP address to identify suspicious activity
• Validate system-level controls in databases, operating systems, and applications, including:
  • validity of user IDs
  • identification of potential user IDs
  • identification of “stale”, common, or easily broken passwords
• Identify activation of previously-inactive IDs

ACL can also help to validate system-level controls in databases, operating systems and applications – helping audit staff to police the validity and use of active IDs, to detect shared or reactivated accounts, or those with common or easily broken passwords. Whatever it is you want to do, ACL can help.