File Integrity Monitoring (FIM): sensing a change
I recently returned from a business trip and sensed something was different, but I couldn’t figure out what it was. Then it hit me, a small piece of furniture was in a different place. This is not a big deal, right? Someone I trusted made a change that didn’t affect my daily activity. But, what if something was missing. Perhaps someone found a spare key under an unassuming rock, gained access to my home, and stole an item that I didn’t presently need. The reality is I probably would not know that item was missing until I needed it. Ok, now that is a big deal. The environments that host your business-critical data may be vulnerable to similar risks.
No amount of security can keep an intruder from wreaking havoc in your environments. You have probably heard the phase before, if someone wants in bad enough, they will find away in. That is why you add multiple barriers—most of you have a door, a lock, and a dead bolt. Some of you may even have an alarm. Along with your home, your environments should have layered security that makes it harder to access or change important data.
One layer of environment security is File Integrity Monitoring, or FIM. FIM monitors and compares any changed files against a baseline to identify any changed files that may contain malicious data (rootkits, viruses, malware, etc.). In the case of the INetU FIM service, if a change is detected, an alert will be made to the INetU security experts and to the customer to determine appropriate action.
FIM is not only important for securing the data; it is also an important aspect of PCI compliance requirement 11.5. INetU offers PCI compliant hosting that includes skilled individuals that help design, implement, support, and monitor the security implementations, like FIM, and the compliance status of your environment.
Just like your home, your business-critical environments are vulnerable to foul play. The objective is to secure it before an attack occurs. INetU FIM makes it possible to detect, review, report, and remediate any potentially harmful changes to mission-critical data.
Find more information on the FIM solution from INetU here.