Demonstrate and Enforce Compliance with Regulations and Standards
For organizations whose IT operations must adhere to government regulations and industry standards, Likewise solutions streamline the management of user identities and access in networks with multiple platforms and provide reporting and auditing functionality to help demonstrate and enforce compliance.
Challenges with Regulatory Compliance
SOX, Basel II, HIPAA, HITECH, and PCI DSS top a long list of regulations and standards. When your company is auditing its internal security processes, having the right solution in place is key to help address failed audits.
IT systems and control mechanisms play a central role in compliance. The presence of a network made up of Linux, Unix, Mac, and Windows desktops and servers, either physical or virtual, adds complexity to the burden of passing audits and complying with regulations. A mixed network typically necessitates the use of multiple directory services, adding even more complexity. As a result, many organizations choose to streamline user identity and access control through the use of a single directory service - Active Directory - thereby reducing complexity and helping demonstrate compliance.
Another common problem is the lack of a uniform password policy. The result is that each user has multiple passwords - passwords that do not conform to a policy which prevents them from being cracked. Without a compliant policy, built-in auditing mechanisms do not accurately identify internal or external security threats . Even worse, the lack of strong password requirements can be the downfall of the company's overall IT security, allowing hackers to easily penetrate through weaknesses.
Another common compliance challenge involves the use of Network Information Services (NIS), a legacy client-server directory service for Unix. NIS is insecure - it fails to comply with IT auditing and security requirements. NIS support has been discontinued by Sun, hastening the need for organizations to look for replacement directory services.
Complex environment with multiple identity pools and directory services:
Meeting the Requirements of Regulatory Compliance with Likewise Solutions
Likewise solutions eliminate the need for parallel directory services by using Active Directory (AD) as the directory service. In a network with multiple platforms, including Linux, Unix, and Mac, users can be easily provisioned and deprovisioned using AD. By using Likewise with AD, system administrators can set granular access control policies, group policies for security, and consistent passwords policies that enforce compliance on Linux, Unix, and Mac computers.
Likewise Enterprise also has built-in reporting features that show access privileges and group policy settings for all users, groups, containers, and systems managed. The feature lets administrators, auditors, and security manager generate reports that help demonstrate compliance.
Likewise Enterprise is a cost-effective solution to simplify identity and access management and demonstrate compliance with standards and regulations. Learn more by downloading the Likewise Compliance Solution Kit or contacting your Likewise account representative at sales@likewise.com.
Download valuable whitepapers, case studies, webinars and more. Learn how to demonstrate regulatory compliance across your network.
* Required Field