CNS launches IT Compliance as a Service

  • Thursday, 14 April 2011

Specialist IT security and networking consultancy CNS has launched a managed service version of its CompliancEngine service which audits any network to assess its level of compliance.

Kevin Dowd, director of security assessment & founder of CNS, said: "After years of auditing to a full range of regulation and governance requirements, we needed a tool that would allow us to audit a network once and provide the information for many controls. So we built one, and I am pleased to say it works".

Most recently, CNS has used the CompliancEngine with managed hosting provider NetBenefit, to ensure its continued compliance with the Payment Card Industry Data Security Standard (PCI DSS).

The CNS CompliancEngine works for any industry or in-house standard by automating compliance-specific functions such as build validation, log management (SIEM), vulnerability assessment, configuration and patch management. CNS, an accredited consultancy for PCI DSS, CESG CHECK & CLAS, is then able to work with in-house IT teams to resolve the issues.

CNS has developed the services using its own scripting engine. It is completely customisable with customers' applications, systems, IT estate and risk management methodology.

  • Key features include:
  • Threat Engine - automated and scheduled security scanning & vulnerability management.
  • Patch Engine - automated & scheduled patch scanning & management.
  • Validation Engine - automated and scheduled build checks against bespoke baseline templates.
  • Configuration Engine - securely stored config backups with differential comparisons to identify changes.
  • Log Engine - collates information from multiple devices and ensures logs are parsed, normalised, indexed and alerted in real time.
  • Log Watch - combines one or more of the features above with the CNS Service Desk to analyse logs and respond to alerts.
  • Service Watch - assistance with the analysis of the results and remedial work required, including preventative measures.

Results from these features are then presented on the portal for assessment by clients and CNS consultants.

In addition to NetBenefit, CNS has also used the service with a FTSE 100 finance house and a major public service body. The finance house uses it to solve its scanning and build validation needs
across diverse technologies and systems, enabling the company to manage compliance issues from one location and focus on the business rather than IT

www.compliancengine.com

May 2012

Latest Issue

Download

Issue Archive

Subscribe to our Newsletter

Sign up to receive FREE Banking Technology news alerts straight to your inbox

Company Announcements

Appointment: Fidessa puts Polen in charge of US strategy

Nasdaq OMX to acquire GRC firm BWise

Nasdaq OMX to acquire GRC firm BWise

Comment

BIAN: Why standards bodies need to stick together

PINning the future on biometrics

Features

MyStandards: a tool for change

Made in Italy: SIA's Massimo Arrighetti

Latest Whitepaper

MyStandards: a tool for change

MyStandards, officially launched 14 May, is a development that goes to "the heart of what Swift is doing to reduce the cost of managing the...