What Do You Need to Look for in a FIM Solution?

There are many products that label themselves as ‘File Integrity Monitoring’. Alas, many don’t provide the critical information required for security intelligence, the who, what, when and where scenarios. Any technology that simply says ‘that file over there changed’ is not going to provide much security intelligence, and won’t hold up to a compliance audit.

Here is a straight forward list of questions to help you find a best of breed file integrity monitoring solution:

  • Does the solution tell you who accessed or made a change, can you see who is looking at a file in real-time?

  • Does the solution tell you what file has changed? Can you set up alert mechanisms tailored to your needs?

  • Does the solution tell you when files were accessed? Are industry-standard hashing algorithms used to report changes?

  • Does the solution tell you where a remote user was and is logged on from? Are there agented and agentless solutions available to suit your needs?

Look for the following compliance specifications to make sure you’re buying best of breed PCI, PSN GovConnect, SOX, NIST, HIPAA and ISO27001.

How Honeycomb Technologies Can Meet Your File Integrity Monitoring Needs

Real-Time, Agentless File Monitoring

Honeycomb LexFileMonitor if able to agentlessly monitor remote file systems in real time, allowing you track and monitor file access and change throughout your entire network.

User and Machine Behaviour

Capture user and machine behaviour across your entire network in real-time, giving you high visibility of behaviour, usage and trends with unrivalled detail and performance.

Intuitive Pattern Recognition

Honeycomb Lexicon comes pre-populated with checks and pattern recognition for common problems and attacks, and its extensibility means it is always evolving as new threats arrive. Honeycomb Lexicon is updated as new patterns emerge independently of your big data, future-proofing for ongoing threat analysis.

Global Reach, Centralised Management and Comprehensive Behaviour Monitoring

Honeycomb’s LexFileMonitor helps your team keep on top of your IT security by offering a comprehensive, completely scalable FIM solution with unlimited global reach.

Using automatic device detection and monitoring, LexFileMonitor is able to alert you to any suspicious behaviour detected on your network, whether internal or external. With specialised archive and retrieval tools, you can look back on historical data to investigate user and machine behaviour at any point in time.

LexFileMonitor allows file access behaviour to be fully audited in line with compliance requirements for PCI, ISO27001, GovConnect Code of Connection and the Gambling Commission amongst others.

This type of monitoring is ideal for:

  • Meeting compliance requirements where the monitoring of access to all sensitive data is essential.

  • Adherence to SLAs that contain contractual obligations to monitor certain file access behaviour.

  • Investigative troubleshooting and forensics.

  • Third Part Monitoring.

  • Behavioural monitoring and capacity planning.

  • Security auditing and condition testing.

For more information, download a copy of our comprehensive data sheet.

To see how simple and straightforward LexFileMonitor is download a copy now for free or book an appointment with one of our technology partners to get a demonstration.