Skip to content
    How Blumira Helps With

    FFIEC Compliance and Information Security Standards

    The Blumira security platform helps your organization easily meet and exceed FFIEC security and compliance requirements.

    Blumira helps address the needs of FFIEC

    • Application Security: II.C.17

      Application Security: II.C.17 

      II.C.17 Application Security – Applications should provide the ability for management to implement a prudent set of security controls (e.g., password and audit policies), audit trails of security and access changes, and user activity logs for all applications.

    • Log Management: II.C.22

      Log Management: II.C.22

      II.C.22 Log Management –  Network and host activities are typically recorded on the host and sent across the network to a central logging repository. The data that arrive at the repository are in the format of the software that recorded the activity. The logging repository may process the data and can enable timely and effective log analysis. Management should have effective log retention policies that address the significance of maintaining logs for incident response and analysis needs.

      Log files are critical to the successful investigation and prosecution of security incidents and can potentially contain sensitive information. Intruders often attempt to conceal unauthorized access by editing or deleting log files. Therefore, institutions should strictly control and monitor access to log files, whether on the host or in a centralized logging repository. Considerations for securing the integrity of log files include the following:

      • Encrypting log files that contain sensitive data or that are transmitted over the network.
      • Ensuring adequate storage capacity to avoid gaps in data gathering. Securing backup and disposal of log files.
      • Logging the data to a separate, isolated computer.
      • Logging the data to read-only media.
      • Setting logging parameters to disallow any modification to previously written data.
      • Restricting access to log files to a limited number of authorized users.
      • Logging practices should be reviewed periodically by an independent party to ensure appropriate log management.

      Logs are voluminous and challenging to read. They come from a variety of systems and can be difficult to manage and correlate. A security information and event management (SIEM) system like Blumira provides e a method for management to collect, aggregate, analyze, and correlate information from discrete systems and applications. Blumira helps you discern trends and identify potential information security incidents. A Blumira SIEM can be used to gather information from the following:

      • Network and security devices and systems. 
      • Identity and access management applications.
      • Vulnerability management and policy compliance tools.
      • Operating system, database, and application logs.
      • Physical and environmental monitoring systems.
      • External threat data.

      Organizations should develop processes to collect, aggregate, analyze, and correlate security information. Policies should define retention periods for security and operational logs. Blumira will maintain event logs to help you understand an incident or cyber event after it occurs. Monitoring event logs for anomalies and relating that information with other sources of information broadens your ability to understand trends, react to threats, and improve reports to management and the board.

    Application Security: II.C.17 

    II.C.17 Application Security – Applications should provide the ability for management to implement a prudent set of security controls (e.g., password and audit policies), audit trails of security and access changes, and user activity logs for all applications.

    Log Management: II.C.22

    II.C.22 Log Management –  Network and host activities are typically recorded on the host and sent across the network to a central logging repository. The data that arrive at the repository are in the format of the software that recorded the activity. The logging repository may process the data and can enable timely and effective log analysis. Management should have effective log retention policies that address the significance of maintaining logs for incident response and analysis needs.

    Log files are critical to the successful investigation and prosecution of security incidents and can potentially contain sensitive information. Intruders often attempt to conceal unauthorized access by editing or deleting log files. Therefore, institutions should strictly control and monitor access to log files, whether on the host or in a centralized logging repository. Considerations for securing the integrity of log files include the following:

    • Encrypting log files that contain sensitive data or that are transmitted over the network.
    • Ensuring adequate storage capacity to avoid gaps in data gathering. Securing backup and disposal of log files.
    • Logging the data to a separate, isolated computer.
    • Logging the data to read-only media.
    • Setting logging parameters to disallow any modification to previously written data.
    • Restricting access to log files to a limited number of authorized users.
    • Logging practices should be reviewed periodically by an independent party to ensure appropriate log management.

    Logs are voluminous and challenging to read. They come from a variety of systems and can be difficult to manage and correlate. A security information and event management (SIEM) system like Blumira provides e a method for management to collect, aggregate, analyze, and correlate information from discrete systems and applications. Blumira helps you discern trends and identify potential information security incidents. A Blumira SIEM can be used to gather information from the following:

    • Network and security devices and systems. 
    • Identity and access management applications.
    • Vulnerability management and policy compliance tools.
    • Operating system, database, and application logs.
    • Physical and environmental monitoring systems.
    • External threat data.

    Organizations should develop processes to collect, aggregate, analyze, and correlate security information. Policies should define retention periods for security and operational logs. Blumira will maintain event logs to help you understand an incident or cyber event after it occurs. Monitoring event logs for anomalies and relating that information with other sources of information broadens your ability to understand trends, react to threats, and improve reports to management and the board.

    Get Started for Free

    Experience the Blumira Free SIEM, with automated detection and response and compliance reports for 3 cloud connectors, forever.