Enforcive/Enterprise Security

Enforcive/Enterprise Security is the single most comprehensive and easy to use security and compliance solution for IBM's System i ®. With nineteen fully integrated GUI-controlled security, reporting and compliance modules, this software suite enables system administrators and auditors to easily manage security and compliance tasks efficiently and effectively.

Managing Security: Beyond the Green Screen

In response to today's world of privacy breaches, complex regulatory requirements and evolving threats, Enforcive's Enterprise Security suite enables security officers to identify suspicious behavior on the network, drill down to the appropriate user or object and take appropriate action quickly. The enterprise-wide perspective significantly enhances your current green screen reporting capabilities.

Graphical User Interface: Empowering Security

The Enterprise Security GUI allows users to evaluate and act on security events in real-time. IT security officers can monitor high-level policies enterprise-wide and drill down to the user or object level in a matter of seconds.
Enforcive GUI

Locking Down System i

Enforcive/Enterprise Security gives you peace of mind regarding System i ® lock down. Easily protect your exit points, manage user profiles and implement group policies for all of your enterprise systems. Lockdown is first performed in "warning mode" to allow for the gathering of pertinent security events and patterns to emerge. Once thorough analysis has been conducted, security lockdown and access control can commence through the use of the following modules:

Application Access Control:

  • Comprehensive exit point control

  • Flexible user profile and group permissions

  • Authorization by IP address range

  • Granular access management down to library, object, object group and IFS

  • Account swapping for adopted authority

  • Replication of policies across multiple servers

  • File protection that prevents power user access

Application Analyzer:
  • A graphical security event analyzer with event drill down capabilities

User Profile Manager:
  • GUI-based control of native object authority

Session Time-Out & Inactive User Control:
  • Account-specific session time-out and inactive user policies to ensure proper login access with ad hoc restoration of deleted user profiles

Multiple System Management

Managing security by grouping systems, significantly reduces reporting overload and simplifies enterprise level security policy implementation via:

  • Access Control Policy Replication to remote systems

  • User Profile Propagation across systems

  • Cross-System Compliance reporting and auditing
 

Reports Your Auditors Will Appreciate

Enforcive's Report Generator gives you control over integrating and presenting system data to meet the specific needs of your organization. Information such as power user activities, changes to sensitive data and system by system comparisons can be organized to best meet audit criteria using scope definitions, field selection, filter criteria, field sorting and Boolean Logic. Once created, these reports can be sent to your auditors in PDF, HTML and CSV formats.

Field-Level Auditing

Enforcive's field level auditing provides comprehensive tracking with "Before" and "After" images for monitoring changes to sensitive data.

Template-Based Compliance Management

Demystify the difficult task of enterprise-wide compliance management and deviation monitoring with easily defined templates that address regulatory requirements such as PCI, SOX, HIPAA and GLBA.

Compliance Deviation Monitoring and Enforcement

Once compliance templates are in place, system administrators, security officers and auditors can view deviations from compliance policy throughout the enterprise. Enforcing compliance rules can be achieved with the click of a mouse. Some of the benefits of managing compliance through Enforcive's templates include:

  • Improved Synergy between Business and Technology Units

  • Accelerated Compliance Timelines

  • Protection of Consumer Data (PCI, State Privacy Regulations)

  • Ensuring Data Integrity

  • Centralized Security Policy Enforcement (PCI, SOX, GLBA, Canadian Bill 198)

  • Streamlined Management of User Capabilities (SOX, HIPAA, Basel II, COBIT)

  • Segregation of Duties

Enabling Enterprise-Wide Compliance

Enforcive/Enterprise Security assists diverse teams in unifying their compliance efforts by eliminating redundancy and reducing the complexity of regulatory adherence. Compliance can be achieved by using:
  • Policy Compliance Manager- Template-based control of native definitions, deviation reporting and remediation
  • Alert Center- Intrusion detection System (IDS) providing instant alerts for compliance deviations
  • SOX Compliance Toolkit- Essential reports and alerts addressing Sarbanes-Oxley requirements
  • Administration Role Manager- Tailor specific security administration roles to facilitate separation of duties
  • Help Desk Assistant- Offload your help desk tasks while maintaining security and compliance requirements

Compliance Driven Alerts

Enforcive provides a host of alerting and intrusion detection tools to enable real-time security and compliance monitoring through the use of e-mail and text messages. Also included are A.I.-driven system responses such as disabling a user or revoking special authority status for particularly egregious violations.