File integrity monitoring, like other foundational security practices such as vulnerability management, helps organizations comply with the EU’s General Data Protection Regulation (GDPR). FIM specifically provides security controls in three key areas for GDPR:
- Ensuring integrity of data stored in filesystems
- Protecting confidentiality of data by detecting changes to filesystem access controls
- Detecting breaches
Qualys File Integrity Monitoring’s ability to quickly detect changes in all of these cases makes it a critical tool that helps you meet general security requirements of GDPR. This regulation goes into effect in late May and applies to any organization worldwide that handles personal data of EU residents.
What is FIM, anyway?
File integrity monitoring systems can help you promptly detect a variety of changes stemming from normal IT activities, compliance and change control violations, or malicious acts such as malware attacks and configuration tampering. FIM systems use snapshot data and real-time detection on the endpoints to identify when files on a system are changed and, when necessary, log the file changes so system administrators, compliance teams, and incident response teams can verify the events and determine whether the activity was normal, a policy violation, or a sign of compromise.
Aside from compliance and breach detection use cases, FIM can be invaluable in making sure scripts used for automation and critical application configurations are not changed without proper change control and approval. That way, organizations can prevent downtime and enable fast recovery, both key to ensuring availability of critical applications.