File Integrity Monitoring

File Integrity Monitoring to help you meet compliance requirements and get complete security visibility of your IT environments.

Accelerate Compliance with File Integrity Monitoring.

The increasing incidence of data breaches has led to the creation of numerous regulatory standards such as PCI-DSS. These standards call for companies to adopt security best practices, including the need to monitor all types of changes made to server configurations.  Although some of these configuration changes have no significant impact on systems, a few unexpected changes could turn out to be a security risk. This could also lead to non-compliance.  This is where the requirement of a File Integrity Monitoring tool, also known as change audit, monitors files of all types and identifies changes in these files that can potentially put your sensitive data at risk. Files monitored include configuration files, executables, registry files, file and directory indexes, permissions, and tables.

File integrity monitoring (FIM) is an internal control or process that performs the act of validating the integrity of operating system and application software files using a verification method between the current file state and a known, good baseline. This comparison method often involves calculating a known cryptographic checksum of the file’s original baseline and comparing with the calculated checksum of the current state of the file.

Generally, the act of performing file integrity monitoring is automated using internal controls such as an application or process. Such monitoring can be performed randomly, at a defined polling interval, or in real-time. Changes to configurations, files and file attributes across the IT infrastructure are common, but hidden within a large volume of daily changes can be the few that impact file or configuration integrity. These changes can also reduce security posture and in some cases may be leading indicators of a breach in progress. Values monitored for unexpected changes to files or configuration items include:

  • Credentials
  • Privileges and Security Settings
  • Content
  • Core attributes and size
  • Hash values
  • Configuration values

Multiple compliance objectives indicate file integrity monitoring as a requirement. Several examples of compliance objectives with the requirement for file integrity monitoring include:

  • PCI-DSS – Payment Card Industry Data Security Standard (Requirement 11.5)
  • SOX – Sarbanes-Oxley Act (Section 404)
  • FISMA – Federal Information Security Management Act (NIST SP800-53 Rev3)[6]
  • HIPAA – Health Insurance Portability and Accountability Act of 1996 (NIST Publication 800-66)[7]

For more detailed information on’s File Integrity Monitoring Service or any of our managed or professional services please contact us.