A torrent of sensitive data is generated continuously, each and every day, throughout many corporate enterprises. In many cases, this data can be scattered across the IT infrastructure or in some instances processed and stored in public cloud environments, where it resides outside the organization’s physical and logical security perimeters. Often this sensitive data is insecurely maintained with simple access controls, and remains vulnerable to accidental or malicious manipulation. Laws, regulations and best practices mandate that more attention be focused on these sensitive data items, and failure to provide adequate protection could mean fines, loss of business or even legal liability. Furthermore, today’s organizations increasingly find themselves under the risk of litigation or civil procedures; failing to proactively collect and appropriately preserve business record data that may be needed to support a legal case or e-discovery process may result in significant financial and legal ramifications.
The Kinamik Secure Audit Vault (kSAV) has been designed to address these compliance, e-evidence and insider threat issues by preserving data in real-time and making it tamper-evident. The Kinamik Secure Audit Vault collects and preserves data from various sources including applications, identity and access management implementations, web services, databases, servers and networked devices, applying an “integrity seal” at a user-configurable level of granularity (for example each line of a file or a line of pixels in a video). This secured data is actionable since its integrity remains irrefutably provable.
Kinamik Secure Audit Vault is easy to install and maintain. It uses both agent and agent-less technologies to collect data from heterogeneous sources in real-time. Each granular data element is cryptographically preserved in raw and actionable format for later review and analysis.
Click here to check the newly-added functionalities available on the current version of the Kinamik Secure Audit Vault.
The Kinamik Secure Audit Vault is comprised of four modules:
Small agents that collect in real-time sensitive data from various sources, and send them to the centralized vault.
Kinamik Secure Audit Vault module that adds integrity at the highest granular level. It performs high-speed time stamping and hashing of this sensitive data, with minimal overhead and process performance impact. Strong encryption is also provided by this component to guarantee data confidentiality.
Web-based module that allow auditors to perform powerful searches on the preserved data while verifying the correctness of information. It incorporates business intelligence capabilities such as regular expression search, data integrity validation and reporting using its interface or standard market-leading tools (Jasper Reports, etc), and exporting capabilities.
A new server-side component that allows for various non-auditing management and configuration tasks. Via its web-based graphical user interface (GUI) it permits, among others, monitoring kFeed sessions, adding, editing and deleting audit trails, and adding, editing and deleting user roles.