GLBA compliance solutions & services
LevelBlue Unified Security Management (USM) provides a fast, cost-effective way for teams with limited security staff and budget to meet their GLBA compliance needs.
Unify your defenses and simplify GLBA compliance
Banks, credit unions, and other financial services firms have a legal obligation to protect consumer information. The Gramm-Leach-Bliley Act (GLBA) of 1999 outlines these specific responsibilities in the interest of consumer privacy. These requirements mandate that US-based financial institutions create an information security program to:
- Ensure the security and confidentiality of customer information;
- Protect against any anticipated threats or hazards to the security or integrity of such information; and
- Protect against unauthorized access to or use of customer information that could result in substantial harm or inconvenience to any customer.
The Federal Financial Institutions Examination Council (FFIEC) supports this mission by providing extensive, evolving guidelines for compliance. The FFIEC IT handbook outlines these specific requirements, and we’ve mapped these against LevelBlue’s Unified Security Management capabilities.
Achieving compliance with GLBA is far from trivial. It requires implementing essential security controls for asset configuration, vulnerability assessment, threat detection, behavioral monitoring and log management. And that’s not all. IT staff then needs to monitor these controls and correlate the data they produce across the entire network, in real time. Traditional security products perform only one or two of these functions, leaving the security analyst to figure out how to make these disparate tools work together to provide a single, unified view of the security posture.
Leveraging field-proven technologies, LevelBlue USM provides users with an automated offering for Asset Discovery, Vulnerability Assessment, Intrusion Detection, Behavioral Monitoring, Security Intelligence & Event Management (SIEM) and integrated threat intelligence from LevelBlue Labs.
Discover How LevelBlue's USM Supports GLBA Compliance
Security Process
- Asset Discovery and Inventory
- Vulnerability Assessment
- Network Intrusion Detection (IDS)
- Host Intrusion Detection (HIDS)
- File Integrity Monitoring (FIM)
- Log Management
- SIEM / event correlation
- Executive dashboards and reports
- Built-in asset discovery, vulnerability assessment, intrusion detection, behavioral monitoring, and SIEM provide a complete picture of your risk posture, within minutes of installation
- Accurate and consolidated asset inventories combined with real-time vulnerability assessment data are essential for auditor reviews and assessments
- Accelerated audit procedures because complete visibility begins as soon as you install LevelBlue USM
Information Security Risk Assessment
- Asset Discovery and Inventory
- Vulnerability Assessment
- Network Intrusion Detection (NIDS)
- Host Intrusion Detection (HIDS)
- File Integrity Monitoring (FIM)
- SIEM / event correlation
- Behavioral Monitoring
- Log Management
- Executive dashboards and reports
- Built-in asset discovery, vulnerability assessment, intrusion detection, behavioral monitoring, and SIEM reduce the cost and complexity of compliance
- Unified log review and analysis, with triggered alerts for high risk systems
- Customized, context-specific alerts provide remediation guidance that tells you exactly what to do, rather than adding to the noise
- Integrated threat intelligence created by LevelBlue Labs and community-generated threat data from the Open Threat Exchange™ (OTX)
Information Security Strategy
- Asset Discovery and Inventory
- Vulnerability Assessment
- Network Intrusion Detection (IDS)
- Host Intrusion Detection (HIDS)
- File Integrity Monitoring (FIM)
- SIEM / event correlation
- Behavioral Monitoring
- Log Management
- Automatically discover all assets via built-in asset discovery—highlight high value assets based on available services, configuration and traffic generated
- Validate effectiveness of layered controls through built-in essential security such as asset discovery, vulnerability assessment, file integrity monitoring, IDS, log management and more
- Monitor changes to critical files with built-in File Integrity Monitoring
- Securely store raw event log data for investigation and forensic analysis
Security Controls Implementation – Access Control
- Asset Discovery and Inventory
- Vulnerability Assessment
- Network Intrusion Detection (IDS)
- Host Intrusion Detection (HIDS)
- File Integrity Monitoring (FIM)
- SIEM / event correlation
- Behavioral Monitoring
- Built-in, automated vulnerability assessment identifies the use of weak and default passwords
- Built-in host intrusion detection (HIDS) and File Integrity Monitoring will signal when password files and other critical system files have been modified
- Unified security intelligence connects critical yet related events across systems, such as a password change followed by exfiltration of data from the same device
- Built-in NetFlow analysis monitors network traffic and protocols to identify anomalous activity and policy violations
Security Controls Implementation – Physical and Environmental Protection
- Asset Discovery and Inventory
- Log Management
- SIEM / event correlation
- Built-in and automated asset discovery will identify all IP-enabled physical security systems (keycard / proximity card devices)
- LevelBlue’s Logger will record all physical security access events logged by proximity card systems for correlation with other logical systems (access to servers in data center)
Security Controls Implementation – Encryption
- Host Intrusion Detection (HIDS)
- File Integrity Monitoring (FIM)
- Behavioral Monitoring / NetFlow analysis
- SIEM / event correlation
- Built-in host IDS enforces server security policies including encryption for critical system files and sensitive data
- File Integrity Monitoring monitors any changes to critical files including decryption and re-encryption
- Unified NetFlow analysis and event correlation monitors traffic and issues alerts on unencrypted traffic to/from sensitive data resources
- LevelBlue’s USM will detect and alert when encryption or decryption procedures are not implemented correctly
Security Controls Implementation – Malicious Code Prevention
- Asset Discovery and Inventory
- Vulnerability Assessment
- Network Intrusion Detection (IDS)
- Host Intrusion Detection (HIDS)
- File Integrity Monitoring (FIM)
- SIEM / event correlation
- Behavioral Monitoring
- Log Management
- Situational Awareness
- Built-in vulnerability assessment discovers hosts and applications that may be vulnerable to malware and other exploits
- Built-in threat detection (IDS and HIDS) detects and alerts on potential infections and exposures
- File Integrity Monitoring alerts on changes to critical files which could signal malicious intent or malware infection
- Unified essential security delivers the security intelligence required to respond to and contain malware outbreaks
Security Controls Implementation – Systems Development, Acquisition and Maintenance
- Asset Discovery & Inventory
- Vulnerability Assessment
- Host Intrusion Detection (HIDS)
- File Integrity Monitoring (FIM)
- Automated asset discovery provides a complete and dynamic asset inventory—critical for identifying all operational software including systems in development
- Built-in vulnerability assessment identifies which systems require patches, updated software or re-configuration
- Host IDS and file integrity monitoring identify and alert on changes to critical software
Security Controls Implementation – Personnel Security
- Asset Discovery & Inventory
- Log Management
- Behavioral Monitoring
- SIEM / event correlation
- Built-in asset discovery and inventory provides granular details on device configuration, installed software, and ownership details to track users with associated devices
- Log management provides secure storage of raw event log data for detailed audit trails of user activity
- Built-in behavioral monitoring identifies suspicious user activity and alerts on policy violations and potential insider threats
Security Controls Implementation – Data Security
- Asset Discovery & Inventory
- Vulnerability Assessment
- Network Intrusion Detection (IDS)
- Host Intrusion Detection (HIDS)
- Log Management
- File Integrity Monitoring (FIM)
- SIEM / event correlation
- LevelBlue USM provides continuous capture and real-time monitoring of a broad range of data, including events/logs, configuration data, asset data, vulnerability data, and network flow data
- Built-in host IDS can be implemented on systems with highly sensitive data to ensure data integrity, availability and confidentiality
- File Integrity Monitoring alerts on changes to critical files which could signal a threat
- Built-in threat detection, behavioral monitoring and event correlation signals information leakage and other attacks in progress—for example, unauthorized access followed by additional security exposures such as sensitive data exfiltration
- Centralized, role-based access control for audit trails and event logs preserves “chain-of-custody” for data forensics and investigations
Security Monitoring – Activity Monitoring
- Network Intrusion Detection (IDS)
- Host Intrusion Detection (HIDS)
- File Integrity Monitoring (FIM)
- Log Management
- SIEM / event correlation
- Built-in HIDS will alert on policy violations such as attempted use of external storage media on critical systems (e.g. USB drives)
- Built-in File Integrity Monitoring captures anomalous changes to critical files
- Event correlation rules provide the situational awareness needed to identify potential data exfiltration
Security Monitoring – Condition Monitoring
- Asset Discovery & Inventory
- Vulnerability Assessment
- Service Availability Monitoring
- Built-in asset discovery provides dynamic inventory of all devices on the network and all software installed
- Continuous vulnerability monitoring identifies all vulnerabilities targeting critical systems, servers, applications and network devices
- Built-in service availability monitoring detects critical service interruptions that could signal a threat
Security Monitoring – Analysis and Response
- Asset Discovery & Inventory
- Vulnerability Assessment
- Network Intrusion Detection (NIDS)
- Host Intrusion Detection (HIDS)
- File Integrity Monitoring (FIM)
- SIEM / event correlation
- Behavioral Monitoring
- Log Management
- Dynamic Incident Response Templates
- Built-in asset discovery, vulnerability assessment, intrusion detection, behavioral monitoring, and SIEM accelerate and simplify the incident response process
- Unified log review and analysis, with triggered alerts for high risk systems
- Customized, context-specific alerts provide remediation guidance that tells you exactly what to do next when responding to incidents
- Integrated threat intelligence created by LevelBlue Labs and community-generated threat data from the Open Threat Exchange
Security Process Monitoring and Updating
- Asset Discovery & Inventory
- Vulnerability Assessment
- Network Intrusion Detection (NIDS)
- Host Intrusion Detection (HIDS)
- File Integrity Monitoring (FIM)
- SIEM / event correlation
- Behavioral Monitoring
- Log Management
- Executive dashboards and reports
- Built-in asset discovery provides dynamic inventory of all devices on the network and all software installed
- Continuous vulnerability monitoring identifies all vulnerabilities targeting critical systems, servers, applications and network devices
- Unified security management enables continuous monitoring and process improvement through alerts, assessments, executive dashboards and reports