|
Solution Cases
Large Computer Company
Topic: Environment Compliance Monitoring
Challenge
To protect company assets while monitoring internal user activity related to compliance policies and established controls.
Solution
A very large hardware/software producer uses BlackAgent in its production environment to monitor compliance with internal database policies.
Impact
Real-time visibility on internal compliance policies and controls.
Large Financial Institution
Topic: Transaction Protection
Challenge
Protect and track financial transactions in real-time with notifications and reports.
Solution
A national financial institution uses BlackAgent to secure financial transactions against internal and external fraud across the extended network, including its ATMs.
Impact
Secure financial transactions with enforced compliance.
National Retail Chain
Topic: Database(s) protection
Challenge
Protect and track multiple databases and updates.
Solution
A national retail chain uses BlackAgent to monitor database activity and usage in a dynamic environment with stringent GRC compliance controls that need to be enforced. The solution is delivered by a SaaS (Software as a Solution) offshore provider.
Impact
Real-time database(s) protection and GRC enforcement.
Manufacturer
Topic: Compliance BI
Challenge
Using BI for the purposes of performance analysis. Objects are qualified as dimensions or measures from enterprise applications and databases for analysis. Need to add compliance BI analysis or reporting.
Solution
Optimize current BI tool for performance measuring of objects retrieved from application numeric data or data that is the result of calculations in various databases. Integrated real-time activity monitoring and analysis with compliance partner SaaS service.
Impact
Extended BI analysis and trending to accommodate compliance with limited impact to IT operations.
Healthcare Company
Topic: PHR Monitoring and Enforcement
Challenge
Largest medical and insurance membership company with large IT infrastructure burdened by many acquisitions PHR portal integrates to many internal and external data agencies and data sources. Experiencing data management and integration issues of 10 critical enterprise applications Compliance controls need to be validated across all applications and back-end databases for compliance enforcement.
Solution
Agnostic validation of internal IT compliance controls – definition and testing. Map controls across all integrated applications and back-end databases. Provided real-time monitoring and enforcement protecting HIPAA information.
Impact
Control of PHR information mandated by HIPAA with real-time enforcement protection. Provides real-time visibility and reduces risk.
Largest International Airline
Topic: Payroll Automation and Compliance Control
Challenge
Utilizing a single database to handle an active payroll of 52,300 employees with weekly, bi-weekly, semi-monthly, and monthly payroll cycles with complex multiples of 3,500+ garnishments. No timely activity tracking, authorizations, or compliance enforcement.
Solution
Implemented EDP system to automatically track payroll process and pay all types of garnishments. Distributed payroll information to multiple databases in five countries. Established SasS monitoring of all payroll activities including protecting payroll change and trigger authorizations, compliance controls, and enforcement action.
Impact
EDP automated payroll system with standard reporting. Established real-time financial and payroll compliance monitoring supporting multiple country offices.
|
Large VC Firm
Topic: Portfolio Compliance Monitoring
Challenge
Mange investment portfolio of 20 companies to protect assets and assure SOX compliance.
Solution
Remote monitoring of Portfolio Company databases with local VC management dashboard. Used hosting company for remote integration hub to access and monitor companies databases and compliance controls. Developed and implemented a consistent auditing practice across all investment companies with activity monitoring and history for audit preparation.
Impact
Real-time visibility of portfolio companies. Reduce compliance risk. Establishing consultant audit practices across investment companies. Lowering cost of company audits Ease to add or remove companies to the portfolio.
Global Bank
Topic: Compliance Planning and Mandate Tracking
Challenge
This top financial institution’s executive management is concerned that their oversight role had been seriously compromised by regulatory challenges and recent acquisitions that made it difficult to obtain real-time information about the compliance controls and risks to the enterprise and steps taken to manage those risks
Solution
Have an assessment done by a partner of their current global situation and institute a mandate to manage corporate risk.
Risk would be managed across the enterprise to reflect regulatory change. Regulatory controls would be established, validated, and monitored to indicate risk and severity of impact to the company.
Impact
As a result, executive management embrace a single, actionable vision of enterprise risk management with gains in timely visibility into risks the enterprise faces and how those risks can be managed. |
Large Entertainment Company
Topic: Rights and Compliance Management
Challenge
Implemented EDM and RM systems with complicated global integration of distribution systems, databases and reporting BI. Content and rights management of artists’ media and distribution need to be tracked for asset protection, financial reporting, industry and compliance regulations.
Solution
Enterprise monitoring agent-base application system was implemented to monitor global back-end databases to assure rights management control and information protection for internal business rules, industry (third-party) regulations, and financial compliance.
Impact
Independent compliance team now has visibility of all media asset and distribution for financial and compliance enforcement and reporting. Monitoring results are also shared with partnering industry companies for auditing purposes.
Healthcare Provider
Topic: HIPAA Real-time Monitoring and Audits
Challenge
Management and IT to be aligned for compliance best practices and control for HIPAA mandates.
Solution
Organizations implemented best practices using a partner consulting firm to ensure IT systems will support HIPAA compliance controls. Management was made accountable and aware of the need for a continuous and proactive operational risk management environment that recognizes the links between its technology infrastructure, business processes, compliance, and internal controls. The company implemented a risk management system configured to their compliance controls. A partner provided the real-time monitoring of their compliance controls with a centralized management dashboard with emergency alerts notifications.
Impact
Enterprise –wide risk management system with policy-driven controls. Consistent compliance practice and management awareness across IT and the business. Real-time monitoring of compliance with special alerts and complete history of activity for risk mitigation.
Energy Company
Topic: Compliance IT Infrastructure Optimization and Monitoring
Challenge
The global IT security team is under pressure to make the business comply with HIPAA, GLBA, PCI DSS, SOX, FISMA and Basel regulations and meet the demands of internal and external auditors. In addition, many regulations contain requirements pertaining specifically to the integrity and security of the IT environment that are not supported. There is also a lack of enterprise control and history tracking for audit preparation.
Solution
The global IT security team partnered with experts in financial, healthcare, energy operations and governance to assess current organization and develop a global compliance and security plan. Policies and controls were defined and implemented. Remote monitoring tracked all activities and protected corporate data and logged history for the auditors.
Impact
As a result, auditors can see policies and controls that describe how an organization will provide compliance and security integrity; activity tracking from loges and history of operational compliance; and documented evidence that the organization has discovered and fixed any compliance lapses.
|
