File Integrity Monitoring (FIM)
Monitoring your files and systems provides valuable insight into your technical environment and provides an additional layer of data security. File integrity monitoring (FIM) is a service that can monitor any changes made to your files.
FIM is highly customizable - manage how and what kind of alerts you receive, and choose which folders and files you want to monitor.
How does it work?
An agent, or software (OSSEC), is installed on a server and configured by the client. Direct logging is sent to the security management console (managed by Online Tech). Companies will be alerted directly of any anomalies and can customize their alert settings.
Why use it?
FIM is recommended for anyone that is concerned about security. FIM is required in order to meet PCI DSS compliance. PCI requirement 10.5 requires companies to secure audit trails so they cannot be altered. Specifically, sub-requirement 10.5.5 states,
Use file-integrity monitoring or change-detection software on logs to ensure that existing log data cannot be changed without generating alerts (although new data being added should not cause an alert).
Requirement 11 requires regular testing of security systems and processes. Specifically, sub-requirement 11.5 states,
Deploy file integrity monitoring tools to alert personnel to unauthorized modification of critical system files, configuration files or content files. Configure the software to perform critical file comparisons at least weekly.
FIM is also recommended for additional security and to help meet HIPAA compliance. The HIPAA standard §164.312(b) states:
Implement hardware, software and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.
Other HIPAA standards (§164.312(c)(1) and §164.312(c)(2)) require procedures to protect ePHI from improper alteration or destruction, and to corroborate that ePHI has not been altered or destroyed in an unauthorized manner. FIM can help meet these standards by tracking files and user activity within a system.
What are the benefits?
- It provides additional security with the ability to track change management, including registry changes.
- Provides notifications and alerts that can help the client remediate the situation quickly.
- Customizable to monitor specific files – this can be managed by the client.
Download our File Integrity Monitoring (FIM) datasheet today.