Security Policy Framework: HMG Information Assurance
Automate Implementation of Security Controls
The Security Policy Framework (SPF), published late in 2008, is mandatory for all Government Departments and Agencies. The compliance is required by any organizations working on behalf of, or handling HMG assets, such as Non-Departmental Public Bodies (NDPBs), contractors, Emergency Services, devolved administrations, Local Authorities or any regular suppliers of goods and/or services.
Tripwire helps Government bodies affordably achieve compliance with a single integrated solution that combines log intelligence with FIM and configuration control. It delivers real-time monitoring, change detection, reporting and investigation to provide assurance of compliance with IT security policies.
Tripwire solutions allow organizations to:
- Meet the requirements of SPF for HMG ICT systems utilizing the recommended configuration controls and log requirements.
- Monitor in real-time and instantly detect any changes and events that may impact upon security.
- Instantly alert on suspicious behavior within the enterprise.
- Remediate configurations; automate hardening of security controls.
- Collect any readable audit, accounting or operational log and process it in to a scalable flat-file based forensic data store in accordance with the organization’s Forensic Readiness Policy.
- Conform with standards such as the GCSX requirements, Data Protection Act and Community Security Policy (CSP).