BASIS Monitoring is a cybersecurity Incident management system

BASIS Monitoring has modular structure and consists of the following components:

• The management portal information security including modules:
  • documentary ensuring management of cybersecurity;
  • managements of information risks;
  • information security incident management.

• Software package of event management of information security.

Personnel of the company or components of IT infrastructure can act as a source of information on incidents.

For interaction of personnel with the module of incident management direct access via the Web interface of the portal or corporate e-mail and also already used in Service Desk company can be used.

For interaction with IT infrastructure the Software package of event management of information security providing the centralized automatic collecting in uniform storage and the preliminary analysis of events in a corporate information system with the subsequent transmission of messages in the module of incident management and further registration of incidents of cybersecurity is used.

As an event management complex in a basic configuration it is offered to use IBM Tivoli SIEM as the most functional and universal solution for Log-management, conformity assessment and investigation of incidents. Also others can be used, including the SIEM companies which are already integrated into IT infrastructure, such as Symantec of SIM, ArcSight SIEM. In case of tight budget restrictions integration can be implemented using OSSIM and other Open Source of solutions.

The main objectives solved using a system BASIS Monitoring are:

• Cost reduction on qualified specialists of cybersecurity due to automatic detection, the analysis and registration of incidents.
• Minimization of unreasonable costs for means of protecting.
• Adaptation to the existing business processes without their interruption.
• Reduction of an information security management system and processes of cybersecurity according to standards:
  • ISO/IEC 27001/27005;

• * PCI DSS.
  • SERVICE STATION OF BR IBBS

• Increase in security of the company and stability of business processes due to operational identification of problem services and the reasons of incidents.
• Decrease in labor costs of specialists of cybersecurity due to automatic providing permission of an incident to the user of option from the knowledge base at its registration.
• Organization of interrelation of users, IT and cybersecurity of division of the company.
• Documentation of changes in information systems and extent of their influence on cybersecurity.
• Timely providing to the guide and other authorized persons and organizations of reports on a current status of cybersecurity of the organization.
• Providing tools for carrying out the retrospective analysis and investigations of incidents of cybersecurity, reporting during the solution of specific objectives, tracking of the status of their solution.
• The organization of planning of the list of measures for achievement of necessary level of security and risks according to the available risks and vulnerabilities.
• Providing reports on violations of security policy of the company.

BASIS Monitoring allows to optimize interaction of IT and cybersecurity of divisions of the company due to creation of the connected architecture with Service Desk. The organization of interrelation with the existing Service Desk system in the company is made via the connectors integrating already constructed processes in any company. Double-sided tasks, approval and documentation of changes in systems will allow to resolve quickly the important issues concerning creation of all IT architecture.

Advantage of use BASIS Monitoring consists in:

• Ensuring compliance of the company to requirements of the international and Russian standards for information security management.
• Easy adaptation to the existing business processes.
• Integration with any IT infrastructure of the company.
• Reduction in cost of ownership of cybersecurity of the company.
• Return of investments due to early warning of the fact of an incident and its prevention.
• Providing the general regulating and regulatory documents adapted for the customer.
• Simplification of preparation of SLA with cybersecurity division.
• Modularity and possibility of expansion of functionality.

The functionality BASIS Monitoring can be expanded add-on modules for creation of a full-function automated system of information security management and business continuity the Portal of SMIB "BASIS" providing compliance to requirements of the international standards ISO/IEC 27001/27005 and BS 25999/25777.