Compliance is one of those subjects that keeps a lot of people up at night. It doesn’t matter what the compliance driver is, whether it’s SOX, PCI, NERC-CIP, HIPAA, etc. Or even if it’s some form of internal compliance policy. Compliance always means the same thing, more demands on us to follow rules and then prove that we have, indeed, followed them.
For both IT/OT operations, the biggest compliance challenge is documenting what privileged users do. Often, this falls into the Change Management bucket. Traditionally there are two things we can do to document what Privileged Users do. The first is to pull information from log files which include information about logins, logoffs, and whatever else is written to a log file while a privileged user is actively logged-on. In years past this information was “good enough” but that has changed, and the implications can be – painful.
The change I am referencing is the requirement to document all activities of privileged users. Gathering log file data only tells us system-generated messages in response to a privileged user’s actions, not what they ‘actually did’. In most cases that information is insufficient to really know what actions the privileged user performed (what commands they executed). This takes us to the traditional change management practice, requiring Privileged Users to manually document all their activities.
How well do you think that works from a compliance perspective? Right, not very good at all. Missing records, inaccuracies, and inconsistencies will happen. Typically, Privileged Users prefer not to produce manual documentation and the time spent doing so takes away from other IT/OT business projects. So, the situation creates poor record keeping, and frustrated Privileged Users.
ConsoleWorks solves this problem. The Platform sits between Privileged Users and privileged interfaces, ConsoleWorks can capture every Privileged Users’ keystroke activity. Digitally signed records are automatically produced, eliminating the need to manually document anything – meeting the needs of the most stringent compliance or auditor requirements. Happy auditor, and happy users.