Regulatory Compliance

A Better Way to Demonstrate Compliance

Compliance mandates such as PCI, HIPAA and FISMA require businesses to protect, track and control access to sensitive information. Each requirement has its own set of complicated, costly and time-consuming demands. Each auditor may use different methods and measures for compliance. The one constant is your log data—the definitive record of human-to-machine and machine-to-machine interactions.

Compliance requirements to monitor logs and changes often drive costly investments in SIEM, change monitoring and other technologies to implement specific monitoring and controls. Compliance also impacts day-to-day operations with segregation of duties keeping developers and operational teams off production systems, which in turn affects troubleshooting and system availability.

The hundreds of customers using Splunk for compliance routinely comment on their ability to quickly close compliance gaps, enable greater levels of automation to meet compliance mandates and demonstrate compliance across all requirements from a single system. Splunk can help you perform analysis and determine regulatory compliance of people, processes and technologies.

FISMA

Securely collect, index, store and continuously monitor all of your log and machine data to meet the critical requirements of regulations and standards affecting United States federal agencies and contractors.

Operationalize FISMA compliance by monitoring and searching terabytes of historical data along with monitoring data from any data source in real time.

Search across terabytes of data and create statistical averages, look for outliers, and continuously monitor and measure your state of compliance. Splunk allows you to:

  • Accept and store knowledge from users as metadata tags so that data and system classifications; create reports and dashboards to meet KPIs relating to 800-53 v3 controls
  • Pull data from an asset management database that may contain contextual information about hosts such as security classifications, system owner information and up-time requirements
  • Create role-based access to dashboards and reports and allow users to drill down into the supporting data. Dashboards and visualizations update in real time, making Splunk ideal for NOC or SOC operations

PCI

Meet requirements for audit trail collection, retention and review. Generate reports in seconds to prove compliance with any control. Comply with explicit data control requirements across your infrastructure, including file integrity monitoring.

Splunk App for PCI Compliance

Unlike most security and information event management (SIEM) products that supply their PCI solution as a stack of additional reports, the Spunk App for PCI Compliance is purpose-built to organize and visualize data specifically for PCI.

Splunk App for PCI Compliance provides continuous monitoring of all relevant PCI DSS requirements, efficient workflows for audit-trail review and built-in change monitoring—eliminating the need for additional technologies and point product purchases to pass your PCI DSS audit.

The Splunk App for PCI Compliance gives you these features out-of-the box:

  • Content for real-time continuous monitoring of enterprise PCI DSS posture
  • High-level scorecards and reports for each PCI requirement
  • Simple visualizations indicating PCI compliance issues
  • Prioritization of in-scope assets
  • Operational, security, and incident review, as well as workflow capabilities
  • Audit trail for log review and report accesses

In addition to meeting PCI requirements, Splunk lets you conduct ad hoc searches, utilize flexible reporting and establish mature processes to remediate PCI issues quickly.

Contact a compliance expert today to get started with the Splunk App for PCI Compliance.

SEC

All public companies must file an annual report as required by the Securities and Exchange Commission (SEC) giving a comprehensive summary of a company's performance. This 10-K document includes information such as company history, organizational structure, executive compensation, equity, subsidiaries, and audited financial statements, among other information.

Use Splunk and pattern-based analysis as part of a risk mitigation strategy for "Risks related to cyber incidents that may remain undetected for an extended period," as suggested by the SEC for 10-K risk-factors guidance.

HIPAA

Healthcare data is generated by numerous systems and in a wide variety of formats—syslog, custom application logs, XML, HL7 and myriad other formats. Add to this business vertical an IT vendor technology landscape that is influenced by mergers, acquisitions, and disparate and conflicting development processes. It's no surprise that most healthcare applications do not conform to a single data format. With so many off-the-shelf and customer applications providing information in unique formats, managing this data and deriving its value represents an ongoing struggle for healthcare industry IT professionals.

Most healthcare providers are concerned about three things:

  • Profitability and Efficiency - making sure service is optimized for every dollar spent
  • Better Patient Outcomes - improving the quality of service delivered to the patient
  • HIPAA Compliance - making sure we protect patient (and employee data) while giving access to the right persons at the right times to do their jobs

Most healthcare payers (insurance companies) are concerned about three things:

  • Profitability and Efficiency - making sure service is optimized for every dollar spent
  • Fraud - understanding the difference between billing errors and organized schemes to defraud
  • HIPAA Compliance - making sure that people see only the data they need to do their jobs

It's no accident that these concerns look similar. The answer to these concerns really is "it's in the data." Seeking patterns in large amount of data—terabytes and petabytes—collected from a wide variety of systems correlated and seen in the context of time and place can provide answers to the most common and pressing questions asked by these two sides of the healthcare coin.

Splunk: An agile big data solution

Splunk is able to answer business questions such as:

  • Are the third shift nurses more efficient than first shift when administering prescribed treatments?
  • How much drug diversion is taking place in the hospital?
  • Are off-shift hospital personnel viewing patient data records and what's the potential fine amount to the hospital?
  • Are there multiple claims from the same doctor for reimbursement for services from many difference cities for more patients than humanly possible?
  • What are the anomalies in the numbers of specific kinds of treatments provided against a rolling 30 day average from a particular location?
  • Splunk can collect and index any data without regard to format and perform Google-like searches across petabytes of data. Splunk's verbose flexible analytics command language allows you to ask questions of your data that can answer specific business questions when translated into automated search queries.

    Healthcare Customers

    Catholic Healthcare West (CHW) is a system of 42 hospitals and medical centers in California, Arizona and Nevada. Founded in 1986, CHW is the eighth largest hospital system in the nation and the largest not-for-profit hospital provider in California. Catholic Healthcare West has established Splunk as a standard for centralized data management, providing distributed search to gain a singular view across all of CHW's IT teams and hospitals. CHW uses Splunk for security monitoring and HIPAA compliance. Solution Areas: Application Management, Compliance

    Health Net, Inc. is among the nation's largest publicly traded managed health care companies. Health Net uses Splunk to centrally collect and monitor logs from Cisco PIX firewalls and Cisco routers. Solution Areas: Compliance, Log Management, Network Management

    Revolution Health Group, chaired by AOL co-founder Steve Case, is creating a health company where patients are put at the center of the health system with more choices, more convenience and more control over their healthcare. Revolution is using Splunk to consolidate logs from J2EE applications to accelerate troubleshooting and improve availability. Solution Areas: Application Management

    The Children's Hospital of Boston uses Splunk as the central logging server for all their audit logs. Using Splunk helps the hospital to cost-effectively comply with HIPAA and significantly cuts down investigation times. Solution Areas: Compliance, Log Management, Security