Audit & Compliance

Ensure Regulatory Compliance with SecureLink’s Network Security Audit

Protect your data

For both enterprise organizations and third-party technology vendors, protecting data is imperative. There’s no shortage of bad actors who are constantly searching for new ways to steal data. Data security – especially in highly regulated industries – involves more than secure connections. It means having visibility into all remote access actions, ensuring policies, and staying compliant.

Network security audit features

The SecureLink platform offers network security audit tools and IT security audit tools designed to deliver a complete view of all third-party remote access activity at the individual level. With SecureLink’s audit functionality, enterprise organizations can ensure vendor accountability and compliance with industry regulations. Technology vendors can prove the exact who, what, where, when, and why of any remote support session.

Remote access policy compliance

Compliance is an issue that enterprise businesses and third-party technology providers must deal with on a daily basis. SecureLink makes compliance painless with a single platform to manage both remote access policy and connections. Our high-definition network security auditing goes above and beyond federal vendor access requirements, with multiple levels of identification and authentication, agency-defined access and control, comprehensive IT security audit reporting, and real-time monitoring capability for every remote support session.

Find out how secure third-party remote access can be.

Real-Time Access Notifications

Know every time a vendor connects

Contextual Information

Understand why a vendor is connecting

Individual User Activity Audit

Actively tied to individual users

File Transfer

Specifics on any file access, transfer, delete, etc.

SSH Auditing

Captures SSH commands

Desktop Sharing Recording

Full video recordings of any end-user support sessions

RDP Session Recording

Full video recording of RDP sessions

Database Command Capture

Capture of all database commands and queries

Legislative Requirement
SecureLink Feature
FIPS 200
Access control
  • Customer-configurable
  • Restrict access by time, scope, function, and file
  • System or user-level access rights
  • Unilateral ability to terminate session at any time
Audit and accountability
  • Detailed logs of each support connection session
  • Comprehensive historical reporting
Identification and authentication
  • Multi-level authentication
  • Both sides of connection must authenticate
  • Unique username/password combination for all logins
  • Unique randomly generated key for each connection
FIPS 140-2, FIPS 197
Encrypted communications
  • Customer-configurable encryption
  • AES in 128, 192, and 256-bit modes
  • Triple DES. Meets FIPS certification #918
NIST SP-800
Identification and authentication
  • Multi-level authentication
  • Both sides of connection must authenticate
  • Unique username/password combination for all logins
  • Unique randomly generated key for each connection
Audit events
  • Detailed logs of each support connection session
  • Complete historical reporting
Content of audit records
  • Session information and status
  • Owner registration code
  • Creation date, completion date, session duration
  • Which support technicians participated during the session
  • What services the support technician accessed, what happened, and how long it took
Remote maintenance
  • Authorization, monitoring, and control of all remote access for remote maintenance and diagnostic activity
HIPAA
Access control, unique user identification, automatic logoff
  • Multi-level authentication
  • Unique username/password combination for all logins
  • Restrict access as to time, scope, function, and file
  • System or user level access rights
  • Unilateral ability to terminate session at any time
  • Automatic logoff after 10 minutes of inactivity
Audit controls
  • Detailed logs of each support connection session
  • Complete historical reporting
Data integrity
  • Strict control of remote access to limit support related data corruption
  • Detailed audit to identify changes and enable corrections
Transmission security
  • Customer configurable encryption
  • AES in 128, 192, and 256-bit modes
  • Triple DES10
SARBANES-OXLEY
Audit and accountability, management assessment of internal controls
  • Detailed logs of each support connection session
  • Complete historical reporting
GRAMM-LEACH-BLILEY
Identification and authentication
  • Multi-level authentication
  • Both sides of connection must authenticate
  • Unique username/password combination for all logins
  • Unique randomly generated key for each connection
Oversight of service provider arrangements
  • Authorization, monitoring, and control of all remote access for remote maintenance and diagnostic activity
  • Customer configurable remote access control
  • Restrict access as to time, scope, function, and file
  • System or user level access rights
  • Unilateral ability to terminate session at any time
PCI DSS
Password control
  • Unique username/password combination for all logins
  • Unique randomly generated key for each connection
Secure data transmission
  • Customer configurable encryption
  • AES in 128, 192, and 256-bit modes
  • Triple DES
Unique ID
  • Multi-level authentication
  • Both sides of connection must authenticate
  • Unique username/password combination for all logins
  • Unique randomly generated key for each connection
Monitor network access
  • Authorization, monitoring, and control of all remote access for remote maintenance and diagnostic activity
  • Customer configurable remote access control
  • Restrict access as to time, scope, function, and file
  • System or user level access rights
  • Detailed logs of each support connection session
  • Complete historical reporting

Find out how secure third-party remote access can be.

Request a demo and we’ll show you how the SecureLink remote access platform connects customers and vendors.

©2018 SecureLink All Rights Reserved | Privacy Policy | License Agreement

Pin It on Pinterest

close close