HIPAA Requirement Relevant USM Capabilities Benefits of Unified Security Management

§164.308 Risk Analysis

Conduct an accurate assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of ePHI.
  • Asset Discovery
  • Vulnerability Assessment
  • Network Intrusion Detection (NIDS)
  • Host-based Intrusion Detection (HIDS)
  • Wireless IDS
  • File Integrity Monitoring
  • SIEM
  • Risk Scoring & Analysis
  • Built-in asset discovery, vulnerability assessment, threat detection, behavioral monitoring, and security intelligence—provides a complete picture of your risk posture, within hours of deployment.
  • Accurate and consolidated asset inventories combined with real-time vulnerability assessment data is essential for auditor reviews and assessments.
  • Accelerated audit procedures because integration is already completed—as soon as you install USM™.

§164.308 Information System Activity Review

Implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports.
  • Vulnerability Assessment
  • Network Intrusion Detection (NIDS)
  • Host-based Intrusion Detection (HIDS)
  • Wireless IDS
  • File Integrity Monitoring
  • SIEM
  • Behavioral Monitoring
  • Log Management
  • Built-in asset discovery, vulnerability assessment, threat detection, behavioral monitoring, and security intelligence— reduces the cost and complexity of compliance.
  • Unified log review and analysis, with triggered alerts for high risk systems (containing ePHI).
  • Customized, action-oriented alerts which tell you exactly what to do, rather than add to the noise.)
  • Integrated threat data backed by Rizose Labs and the Open Threat Exchange.

§164.308 Access Authorization, Establishment and Modification

Implement policies and procedures that grant, establish, document, review, and modify a user’s access to assets.
  • Asset Discovery
  • Host-based Intrusion Detection (HIDS)
  • File Integrity Monitoring
  • SIEM
  • Automatically discover all ePHI assets via built-in asset discovery—no costly and complicated integration required.
  • Monitor changes to critical files with built-in file integrity monitoring.

§164.308 Log-in Monitoring

Procedures for monitoring log-in a"empts and reporting discrepancies.
  • Host-based Intrusion Detection (HIDS)
  • SIEM
  • Built-in HIDS monitors all activity on critical files and systems.
  • Built-in SIEM correlates events that could signal policy violations such as unauthorized logins followed by additional security exposures such as data exfiltration.
  • Unified security management dashboards and reports facilitate audit reviews.
§164.308 Protection from Malicious So,ware Procedures for guarding against, detecting, and reporting malicious so/ware.
  • Vulnerability Assessment
  • Network Intrusion Detection (NIDS)
  • Host-based Intrusion Detection (HIDS)
  • Wireless IDS
  • File Integrity Monitoring
  • SIEM
  • Behavioral Monitoring
  • Built-in vulnerability assessment discovers hosts and applications that may be vulnerable to malware and other exploits.
  • Built-in threat detection (NIDS, HIDS, and Wireless IDS) detects and alerts on potential infections and exposures.
  • Built-in file integrity monitoring alerts on changes to critical files which could signal malicious intent or malware infection.
  • Unified essential security delivers the security intelligence required to respond to and contain malware outbreaks.

§164.308 Password Management

Procedures for creating, changing, and safeguarding passwords.
  • Vulnerability Assessment
  • Host-based Intrusion Detection (HIDS)
  • File Integrity Monitoring
  • SIEM
  • Built-in, automated vulnerability assessment identifies the use of weak and default passwords.
  • Built-in host-based intrusion detection and file integrity monitoring will signal when password files and other critical system files have been modified.
  • Unified security intelligence connects critical, yet related events across systems such as a password change followed by exfiltration of data from the same device.

§164.308 Security Incident Response and Reporting

Identify and respond to suspected or known security incidents; mitigate harmful effects of known security incidents and document security incidents and their outcomes
  • Vulnerability Assessment
  • Network Intrusion Detection (NIDS)
  • Host-based Intrusion Detection (HIDS)
  • Wireless IDS
  • File Integrity Monitoring
  • SIEM
  • Behavioral Monitoring
  • Log Management
  • Situational Awareness
  • Built-in asset discovery, vulnerability assessment, threat detection, behavioral monitoring, and security intelligence—accelerates the incident response process.
  • Unified log review and analysis, with triggered alerts for high risk systems (containing ePHI).
  • Customized, action-oriented alerts which tell you exactly what to do next when responding to incidents
  • Integrated threat data backed by Rizose Labs and the Open Threat Exchange.

§§164.310 Device and Media Controls

Implement policies and procedures that govern the receipt and removal of hardware and electronic media that contain ePHI.
  • Host-based Intrusion Detection (HIDS)
  • File Integrity Monitoring
  • SIEM
  • Built-in HIDS will alert on policy violations such as a"empted use of external storage media on critical systems (e.g. USB drives).
  • Built-in file integrity monitoring captures anomalous changes to critical files containing ePHI.
  • Event correlation rules provide the situational awareness needed to identify the potential exfiltration of ePHI.

§164.312 Encryption and Decryption

Implement a mechanism to encrypt and decrypt ePHI.
  • Asset Discovery
  • Behavioral Monitoring
  • Host-based Intrusion Detection (HIDS)
  • Network Intrusion Detection (NIDS)
  • Wireless IDS
  • Automatically discover all ePHI assets via built-in asset discovery—no costly and complicated integration required.
  • Rizose’s USM will detect and alert when encryption or decryption procedures are not implemented correctly.