Stealthy solution for voluntary compliance
When ACS contracted with a government client to conduct a compliance audit, it recognized the need for intelligence gathering software that could scan the client’s entire infrastructure. The client wanted ACS, a Xerox company, to perform a risk assessment and to remediate any issues arising from the voluntary audit.
To carry out the project, ACS chose an enterprise search infrastructure solution from ISYS Search Software. ACS particularly liked the fact that the software would conduct the audit without disrupting worker productivity.
Paul McDonough of ACS/Xerox says, "What we were particularly impressed with during our initial tests was ISYS’ ability to scan multiple computers across multiple networks very effectively and efficiently. What’s more, it proposed a very stealthy solution, which enabled us to carry out our work behind the scenes without any user disruption."
According to ISYS, by leveraging its solution, ACS developed a network scanning, audit and risk assessment tool that proactively scans user workstations for potentially sensitive information protected by the Health Insurance Portability and Accountability Act (HIPAA) and by company policies.
McDonough says, "Through this system, we helped shield the customer from legal implications or costly penalties that are routinely levied by the government for HIPAA non-compliance. We see the ISYS system as a valuable solution that will help our customer perform annual voluntary compliance audits."
Concerning the project, ISYS reports that the implementation help to:
- identify program data and files that need to be "locked down" or purged,
- dynamically configure client-specific data search and algorithms,
- cluster and define risk at the computer and/or organization level,
- identify patterns of inter-departmental information sharing that might suggest potential projects for data consolidation, and
- establish proactive voluntary compliance plans.