Home » Author Archive

Protective Monitoring Solutions

A protective monitoring solution essentially requires you to invest in a Security Information & Event Management Solution (SIEM). Most SIEM tools will be able to implement a successful Protective Monitoring solution, however there are some considerations that should be taken in to account, as described below: * Does your SIEM have built in reports and alerts for GPG 13 While not compulsory, if your SIEM does not have these out-of-the-box, then you will need to recreate them manually, which will require a level of professional services for... 
 

Executive Summary

What is GPG13 and how do I get GPG13 compliance? Protective Monitoring, also known as Good Practice Guide 13, or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles. Essentially, a Protective Monitoring solution will provide visibility and an understanding of who is accessing your organisations sensitive data. Implementation of protective monitoring solutions are recommended in a number of regulatory and industry best practices, such as PCI DSS , Cyber Security and SOX. While... 
 

LogRhythm Protective Monitoring Solution

LogRhythm were one of the first organisations to officially publish a LogRhythm solution for Protective Monitoring. Their solution has built in alerts and reports to meet all of the alerting and reporting requirements, as stated as part of the Protective Monitoring Controls. They also have a number of partners that use LogRhythm as the underlying technology in providing an outsourced GPG 13 solution. If you would like for us to arrange a demonstration with LogRhythm to discuss their solution then complete the below contact form and we will arrange... 
 

Recording on Data Backup Status

The objective of PMC8 is to ensure a backup and recovery process is defined an adhered to, such that the business can be confident of integrity and availability of the network resources. Protective Monitoring, also known as Good Practice Guide 13, or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles. The GPG13 standard includes twelve Protective Monitoring Controls,. The below section explains what requirements must be met to meet your obligations for Protective Monitoring... 
 

Providing a Legal Framework For Protective Monitoring Activities

Protective Monitoring, also known as Good Practice Guide 13, or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles. The GPG13 standard includes twelve Protective Monitoring Controls,. The below section explains what requirements must be met to meet your obligations for Protective Monitoring Control number twelve. The objective of PMC12 is to define a requirement that will ensure all monitoring is conducted in a lawful manner, and that the collected data is, in its self, protected... 
 

Production of Sanitised and Statistical Management Reports

Protective Monitoring, also known as Good Practice Guide 13, or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles. The GPG13 standard includes twelve Protective Monitoring Controls,. The below section explains what requirements must be met to meet your obligations for Protective Monitoring Control number eleven. The objective of PMC11 is to define a set of Reports that will provide feedback to management on the performance of the Protective Monitoring system effectiveness. Depending... 
 

Reporting on The Status of The Audit System

The objective of PMC10 is to define a set of Alerts and Reports that will allow confidence in the integrity of the auditing system, such that the output of this system can be relied upon in a court of law. Protective Monitoring, also known as Good Practice Guide 13,or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles. The GPG13 standard includes twelve Protective Monitoring Controls,. The below section explains what requirements must be met to meet your obligations for Protective... 
 

Alerting Critical Events

The objective of PMC9 is to define a set of real-time Alerts and Reports that will identify events classified as “Critical” by the organisation. Protective Monitoring, also known as Good Practice Guide 13, or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles. The GPG13 standard includes twelve Protective Monitoring Controls,. The below section explains what requirements must be met to meet your obligations for Protective Monitoring Control number nine. Depending... 
 

Recording on Session Activity by User and Workstation

The objective of PMC7 is to define a set of Alerts and Reports that will identify suspect user activity or allow forensic analysis of user activity within the network. Protective Monitoring, also known as Good Practice Guide 13, or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles. The GPG13 standard includes twelve Protective Monitoring Controls,. The below section explains what requirements must be met to meet your obligations for Protective Monitoring Control number seven. Depending... 
 

Recording Relating to Network Connections

The objective of PMC6 is to define a set of Alerts and Reports that will identify temporary connections to the network, such as those made via a VPN or wireless connection. Protective Monitoring, also known as Good Practice Guide 13, or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles. The GPG13 standard includes twelve Protective Monitoring Controls,. The below section explains what requirements must be met to meet your obligations for Protective Monitoring Control number... 
 






© 2006-2017 Protective Monitoring – GPG13.