RSA Rolls Out Compliance Management Application

RSA Security Inc. on Monday will introduce software to help companies monitor and report on their compliance efforts. The RSA Reporting and Compliance Manager is designed to provide better logging and reporting capabilities for both IT administrators and auditors. The software provides views into user access rights and the activities of employees, partners, and customers working on networks protected by RSA security products. It can produce reports to show who has access to what data and who actually looked at what information, what changes have been made to access policies and who made them, and the number and types of unsuccessful unauthorized attempts at access.

The Reporting and Compliance Manager product works with RSA's ClearTrust event logging tool. The combination lets customers generate reports on past and present access policies, including user behavior, authentication attempts, and resources accessed. They're designed to let companies provide evidence of regulatory compliance and give them the ability to investigate security events.

Setting, managing, changing, and auditing access control can impose a big burden on IT staffers, says Julie Rahal Marobella, an industry analyst at IDC. Automating some of these tasks can save time and effort. "Companies currently take a more manual approach to compliance, she says, "and it's very time consuming."