Network Security Audit

SecureLink operates in environments that require superior security and detailed accountability. The SecureLink platform offers network security audit tools as well as IT security audit tools. We designed our audit tools to deliver a complete view of all activity down to the individual level. For large companies, this ensures their information systems are protected and enables compliance with remote access policy, as well as government regulations. For technology vendors, our audit capabilities are designed to enforce the organization’s remote access policy, focusing on eliminating liability and making their customers feel warm and fuzzy.

High Definition Audit Features Benefits For Enterprises Benefits For Vendors
Real Time Monitoring Always know who is on your network.

Oversee and control activity whenever needed.

Easily manage your technicians and strengthen customer relationships.
Individual Account Level Audit Clearly define responsibility.

Secure authentication requirements create unique activity fingerprints.

Assess individual technician accounts and eliminate finger pointing and confusion.
Comprehensive Activity Reports:
Detailed Log Files
Services Accessed
Files Transferred
Commands Entered
Accountability is clear.

With simple and detailed reports, you can analyze all behavior and efficiently investigate abnormal activity.

Reduce liabilities with customers through advanced activity records.
Video capture of screen sharing/RDP sessions Watch on-demand video of everything that was done during a support session to better understand system issues. Reduce time to resolution through precise capture of previous support sessions.
Email connection notification No more ghosts on your system.

With individual account authentication and email connection notifications, all access can be monitored and tracked in real time.

Promote customer satisfaction and trust through expected behavior and transparency.
Unilateral ability to terminate a session at any time Reduce risks with complete access control.

Discontinue any support activity at any time that is not approved or deemed suspicious.

Enable customer defined and controlled system access for remote support.

 

 
 

Remote Access Policy Compliance

SecureLink manages complexity and enables security by providing a single platform from which to manage remote access policy and connections. Our high-definition network security auditing goes beyond federal vendor access requirements. Multiple levels of identification and authentication, agency defined access and control, comprehensive IT security audit reporting, and real-time monitoring capability for every remote support session all work together to provide easily verifiable proof of compliance.

Legislative Requirement SecureLink Feature
FIPS 200
Access Control
  • Customer configurable
  • Restrict access as to time, scope, function, and file
  • System or user level access rights
  • Unilateral ability to terminate session at any time
  • Audit and Accountability
  • Detailed logging of each support connection session
  • Complete historical reporting
  • Identification and Authentication
  • Multi-level authentication
  • Both sides of connection must authenticate
  • Unique username/password combination for all logins
  • Unique randomly generated key for each connection
  • FIPS 140-2, FIPS 197
    Encrypted Communications
  • Customer configurable encryption
  • AES in 128, 192, and 256 bit modes
  • Triple DES. Meets FIPS certification #918
  • NIST SP-800
    Identification and Authentication
  • Multi-level authentication
  • Both sides of connection must authenticate
  • Unique username/password combination for all logins
  • Unique randomly generated key for each connection
  • Auditable Events
  • Detailed logging of each support connection session
  • Complete historical reporting
  • Content of Audit Records
  • Session information and status
  • Owner registration code
  • Creation date, completion date, session duration
  • Which support technicians participated during the session
  • What services the support technician accessed, what happened, and how long it took
  • Remote Maintenance
  • Authorization, monitoring, and control of all remote access for remote maintenance and diagnostic activity
  • HIPAA
    Access Control, Unique user identification, automatic logoff
  • Multi-level authentication
  • Unique username/password combination for all logins
  • Restrict access as to time, scope, function, and file
  • System or user level access rights
  • Unilateral ability to terminate session at any time
  • Automatic logoff after 10 minutes of inactivity
  • Audit Controls
  • Detailed logging of each support connection session
  • Complete historical reporting
  • Data Integrity
  • Strict control of remote access to limit support related data corruption
  • Detailed audit to identify changes and enable corrections
  • Transmission Security
  • Customer configurable encryption
  • AES in 128, 192, and 256 bit modes
  • Triple DES10
  • Sarbanes-Oxley
    Audit and Accountability, Management Assessment of Internal Controls
  • Detailed logging of each support connection session
  • Complete historical reporting
  • Gramm-Leach-Bliley
    Identification and Authentication
  • Multi-level authentication
  • Both sides of connection must authenticate
  • Unique username/password combination for all logins
  • Unique randomly generated key for each connection
  • Overseeing Service Provider Arrangements
  • Authorization, monitoring, and control of all remote access for remote maintenance and diagnostic activity
  • Customer configurable remote access control
  • Restrict access as to time, scope, function, and file
  • System or user level access rights
  • Unilateral ability to terminate session at any time
  • PCI DSS
    Password Control
  • Unique username/password combination for all logins
  • Unique randomly generated key for each connection
  • Secure Data Transmission
  • Customer configurable encryption
  • AES in 128, 192, and 256 bit modes
  • Triple DES
  • Unique ID
  • Multi-level authentication
  • Both sides of connection must authenticate
  • Unique username/password combination for all logins
  • Unique randomly generated key for each connection
  • Monitor Network Access
  • Authorization, monitoring, and control of all remote access for remote maintenance and diagnostic activity
  • Customer configurable remote access control
  • Restrict access as to time, scope, function, and file
  • System or user level access rights
  • Detailed logging of each support connection session
  • Complete historical reporting