Compliance

Standards Compliance Protects Your Data Integrity and Network Assets

Because you rely on your IT infrastructure to maintain data integrity and protect your business from financial losses, it’s a good idea to comply with legislated standards by investing in network monitoring and maintenance.

But compliance doesn’t have to be complex and expensive. Acendex can help. We know the standards and our complete managed services model enables us to quickly identify any areas of your network that do not comply.

To assess your level of current compliance, we’ll conduct a non-intrusive network audit that focuses on the seven key areas listed below. It’s a great way to establish a baseline for making improvements.

These seven areas (known as SAS70) have been defined by the American Institute of Certified Public Accountants.

IT Requirement	Acendex Advantage
Controlled Environment	Best Practices, Network Health Monitoring, Roles and Permissions Management, 24x7 Monitoring, Patch Management
Physical Security	SNMP-based Monitoring, Event Logging, Asset Discovery
Disaster Management	Readiness Planning via Reports, Performance Monitors, Backup Management, Collaborative Services
Availability	Continuous Monitoring, Remote Management, Deep Monitoring of Critical Servers
Information Security	ISO17799-Compliant Solution, Password Controls, Auditing, Intrusion Detection, Vulnerability Assessment
Network Security	Firewall Management, MBSA Integration
Network Health Visibility	Summary Reports, Asset Inventory, Capacity Planning, Customer Dashboards

From an IT perspective, compliance regulations ensure accurate risk disclosure to investors and safeguard misuse of personal information.

Companies must have effective processes in place that focus on security, privacy and risk assessment.

Act Name and Description	Applies To	Company Role
Sarbanes-Oxley (Sarbox) Manage a secure and controlled infrastructure for data, processes and historical information	Global Public Companies	Security, Risk Management Monitoring for security, virus and intrusion detection, vulnerability management and user authentication. Asset management and error logging for audit trails.
Gramm-Leach-Billey (GLBA) and the The New Capital Accord (Basel II) Implement systems for security and authorized access and builds safeguards against threats and hazards	Global Finance Sector	Security, Patches, Planning 24x7 monitoring for security breaches and vulnerabilities using industry security standards. Alerts, patch management and remote manage- ment help ensure network availability.
Federal Food & Drug (l-CFR-ll((l-CFR-ll) Ensure security, integrity, and availability of information. This is of particular concern to the healthcare industry that relies on the accuracy of patient/product information.	US Healthcare Sector	Security, Availability Secure environments and authenticated users. Reports indicate overall network health and help ensure the availability of data
Payment Card Industry Data Security Standard (PCI-DSS) Ensures network standards to reduce vulnerabilities and protect cardholders from fraud. Five goals: maintain secure networks; protect transaction data; reduce vulnerabili- ties; implement strong access control measures; and regularly monitor and test networks.	Global Credit Card Merchants	Security, 24/7 Monitoring Managed Workplace provides a Central Dashboard to monitor 24/7 any intrusion, or authorized access, as well as system failures that could impact prompt response.
Notification of Risk to Personal Data Act (NORPDA -US (ooy), European Data Protection Directive (EUDP) Ensures that an agency notifies individuals if their personal information has been acquired by an unauthorized source. The impact to IT is to improve security and reporting systems.	US and Europe Any company	Security, Monitoring We can instantly detect and warn about unauthorized access. Remote management allows for rapid action against intrusion. Patch management ensures up-to-date system security.
The Health Information Portability & Accountability Act (HIPAA) Ensures patient record privacy by improving IT security and interoperability of information systems, as well as improved reporting systems.	US Healthcare Sector	Privacy, Availability, Reporting Best-in-class tools to ensure security and availability of network systems, as well as protecting them from unauthorized entry.
Personal Information Protection & Electronic Documents Act (PIPEDA) Balances an individual's right to the privacy of personal information with the need of organizations to collect, use or disclose personal information for legitimate business purposes.	Canada Any company	Privacy, Reporting Best-in-class tools to ensure security and availability of network systems, as well as protecting them from unauthorized entry.

Contact Us Today



Office

Commerce Park V,
23250 Chagrin Boulevard, Suite 200
Cleveland, Ohio 44122



Hours

M-F: 8:00 am - 5:00 pm



Call Us

216.292.GURU (4878)