The International Organization for Standardization (ISO) 27001 defines requirements that companies of any size can use to establish, implement, maintain and continually improve an information security management system.
Manufacturing companies that need to meet ISO 27001 compliance can easily prove their adherence to standards with Blumira’s new pre-built global reports.
The manufacturing industry runs the risk of downtime due to ransomware attacks, which doubled in 2022 alone, targeting industrial infrastructure. They also could be at risk of intellectual property (IP) theft or extortion, if an attacker was able to compromise this type of data. Meanwhile, supply chain attacks also result in downtime, negatively impacting production.
Complying with ISO 27001 can help protect against manufacturing security risks with the ongoing use of an information security management system.
Blumira’s SIEM + XDR security platform helps your organization easily meet and exceed ISO 27001 compliance requirements for logging, monitoring, threat detection and response.
“I’ve worked with SIEMs for over 30 years; many collect logs, but analyzing them is time-consuming. I don’t have the staff dedicated to sit and read logs all day or with the skillset to analyze our data. We chose Blumira for its simplicity – I needed a solution that would simplify, consolidate and show me what I really need to see.”
– Jim Paolicelli, IT Director, Atlantic Constructors (see the full manufacturing case study)
By regularly running and scheduling Blumira’s ISO 27001 reports, you can easily prove your compliance to an auditor for certain controls.
See which Blumira reports map to which ISO 27001 controls so you can easily hand over pre-built reports to your auditor to prove your compliance. Please note that each report is available for certain integrations, which are listed under each report below:
ISO 27001 Controls | Blumira’s Global Reports |
---|---|
A.9.2 Privileged Access – Track access by administrators and power users | ISO 27001 - Windows Privileged Access Available for: Windows |
A.9.2 Password Resets – Track password changes for awareness of compromised accounts | ISO 27001 Password Modification Tracking Available for: Windows |
A.9.2 Failed Logins – Identify brute force and other credential attacks | ISO 27001 - Failed Logins Available for: Linux, Palo Alto, Fortigate, Microsoft 365 |
A.9.2 USB Device Usage – Detect unauthorized devices plugged into endpoints | ISO 27001 USB Device Use Alerts |
A.9.2 Account Lockouts – Find accounts locked due to excessive failed logins | ISO 27001 Account Lockouts |
A.9.2 Logins by Location – Spot access from unfamiliar regions | ISO 27001 Logins from Outside US ISO 27001 Logins from Outside UK ISO 27001 Logins from Outside CA ISO 27001 Logins from Outside AUS Available for: Azure, Microsoft 365, Duo, Okta |
A.9.2 VPN Connections – Monitor remote access methods and users | ISO 27001 VPN Connections Available for: Fortigate, Cisco ASA, Watchguard, GlobalProtect, SonicWall, Sophos |
A.12.1 System Changes – Record critical configuration and policy changes | ISO 27001 Windows GPO Updates ISO 27001 Firewall Configuration Change Available for: Windows, Fortigate, Palo Alto, Sophos XG, Cisco ASA, Sonicwall |
A.12.4 Earliest Timestamps – Prove log data retention meets policy | ISO 27001 Earliest Timestamps - Total Logs |
A.12.4 Log Tampering – Detect modifications or deletions of log data | ISO 27001 Log Tampering - Clearing of Windows Security Event Log ISO 27001 Log Tampering - Clearing of Windows Event Log Available for: Windows |
A.13.1 Firewall Traffic – Analyze allowed/blocked connections at perimeter | ISO 27001 - Firewall Traffic |
A.16.1 IDS/IPS Alerts – Identify potential intrusion attempts and malware | ISO 27001 IDS/IPS Alerts Available for: Fortigate, Umbrella, Checkpoint, PaloAlto, Sonicwall, Sophos XG |
Blumira customers on paid editions can use global and saved reports to easily access ISO compliance reports, as well as many other reports to analyze the logged events that you send Blumira.
To view an ISO global report or one of your saved reports, follow these easy steps:
Note: You can type a name or keyword to filter the list or scroll to find a specific report. When you search “ISO,” the compliance reports you can view will vary based on which integrations you currently have set up for your organization.
Get more tips on how to use Blumira’s Report Builder in our documentation article, Using global and saved reports.
It’s easy to help meet or support multiple compliance controls using Blumira’s SIEM + XDR platform. Time-strapped IT teams can do more with one solution that combines SIEM, endpoint visibility and automated response. See our recent post on NIST compliance reports and the different compliance frameworks we support.
There’s a few different ways you can get started with Blumira: