Producing reports to meet compliance mandates is no easy task. You are expected to produce regular detailed reports to suit a variety of mandates for different situations. There is no definitive list of compliance reports, but here are 10 of the most major reports which we commonly see asked for with regulatory compliances like FISMA, GLBA, HIPAA, PCI, SAS, and SOX.
1. Group membership modifications
It’s through group memberships that accounts are given the rights to create distribution lists or to access network resources. So it’s critical to know when user or computer accounts are added to a security group or distribution group. Group Membership Modified reports are important from the point of view of FISMA, GLBA, HIPAA, PCI, SAS, and SOX compliance.
2. Group policy modifications
A change in group policy alters the way users can access and use on the network resources. So audits on group policy modifications is important for GLBA, PCI, SAS, and SOX compliance.
3. Computer modifications
Any modification, especially assignment of group policy permissions and delegation of administrative tasks, should be monitored closely. Auditing computer modifications is important for HIPAA, PCI, and SOX compliance.
4. Group modifications
One of the common reports for PCI and SOX is ensuring you can audit any modifications with regards to Active Directory Groups.
5. Trust policy modifications (shows all modified domain trusts)
Often required for those trying to meet FISMA and PCI compliance. Essentially the auditors will want to see that you are able to identify changes in domain trusts to help you block unrestricted access to a domain from other domains.
6. User expiry modifications (shows all user accounts with modified expiry date)
Keeping an eye on user accounts is essential to stop insider and outsider attacks on critical IT assets. Any change in user expiry settings should be checked for validity. This auditing helps in complying with FISMA, HIPAA, and PCI regulations.
7. Object's dial-in attribute modifications
Correct dial-in attributes allow user a computer to connect to the network. Any change in these properties should be noticed by auditors for FISMA and HIPAA compliance.
8. Object permissions modifications
Permissions allow users or user groups to read, write or perform any action on AD objects. By auditing modification to object permissions, you can protect against data misuse from insider or outsider threats. This auditing helps you comply with HIPAA and PCI regulations.
9. Shared folder modifications
In a file server environment data security is ensured through auditing shared folder modifications. It ensures that unauthorised users don’t get access to the data in shared folders. These reports help in meeting GLBA, HIPAA, and PCI compliance.
10. Audit policy modifications
An important report for FISMA and PCI compliance is ensuring you have the ability to audit changes made to audit policies.
This is by no means an all-inclusive list of compliance reports for which you may be asked. Producing detailed enough reporting to meet these standards using native processes alone can be a daunting task. The reports listed here are 10 of the most common compliance mandates that we see companies struggling to regularly produce natively. If your organisation is stretched for time, or you just want a simpler way to produce regular compliance reports, then it may make more sense for you to deploy a third-party solution for this.
Satyendra Tiwari, product specialist, Lepide Software