Blackbird Solutions for Compliance

FISMA Compliance Solutions - Blackbird Management Suite

  • Print

The Federal Information Security Management Act of 2002 mandates that all federal agencies must develop, document, and implement agency-wide programs to provide security for information and information systems - including those provided or managed by another agency or contractor. As a result, network administrators must review, develop, and implement access controls in order to bring a Windows network into compliance.

Continual checks throughout the year are required to ensure that these established controls are in place and are effective throughout the agency and its partners, in addition to an annual review of all internal controls with extensive reporting to auditors.

The Blackbird Solution:

Blackbird brings a new level of accountability, consistency, and automation to access management in order to help agencies achieve and stay FISMA compliant, without creating an unsustainable burden on their IT resources and budget.

The identity management, recovery and auditing capabilities of Blackbird provide process, and reporting for several FISMA controls including:

Audit and Accountability (AU)

Implementing technologies to provide better insight, refine reporting metrics, and reduce workload will go a long way with auditors while increasing the effectiveness of your compliance security program.

For Active Directory, Group Policy, and the Windows File System, administrators need fast, easy, and accurate answers to four critical questions provided by Blackbird's built-in security and compliance reporting library:

WHO made changes?

WHAT changes were made?

WHERE were changes made?

WHEN were changes made?

Contingency Planning (CP)

Blackbird enables organizations to track changes and to instantly recover from unauthorized or inadvertent changes that can impact availability of directory services, applications and other resources.

Blackbird quickly and easily restores deleted objects and rolls back to any previous state using the only continuous data protection (CDP) mechanism for Active Directory available today.

Access Control (AC)

Throughout FISMA, there's an emphasis on protecting information rather than systems.

With Blackbird, IT, data owners, and audit teams can see who has access to what, how and when they got that access, to instantly determine whether policy objectives are being met.

Blackbird automates agency-wide reporting on user entitlements and access. All access changes are stored in a centralized auditing database, and automated reports can be sent directly to administrators, security officers, and business data owners on a set schedule.

Identification and Authentication (IA)

Document your provisioning processes, and create audit trails, for all Active Directory and Windows file systems that secure and provide access to financial information.

Security teams can create customizable workflows that automate the creation, review, and approval of entitlements and roles - putting true accountability in the hands of the data owners.

Configuration Management (CM)

FISMA requires continuous monitoring of certain controls, such as system changes, configuration management, ongoing assessments of security controls, and reporting activities. Monitoring and reporting can be costly and overwhelming.

With Blackbird, organizations can audit, alert, and instantly recover from changes to Active Directory, Group Policy, and File permissions that can affect the security of desktops and servers hosting sensitive data and/or applications.