XQ for NIST 800 53 compliance
NIST 800 53 is a wide ranging set of security recommendations spanning everything from configuration of systems to program management. Within NIST 800 53 there are also specific controls that deal with data where XQ can provide value.
AC – Access Control requires that protected data is only readable by authenticated and authorized users or software systems. XQ’s policy-based key distribution ensures that only authenticated and authorized users and software programs are able to access encryption keys. XQ supports a number of techniques from security tokens, cookies, IP whitelisting and IP geo-fencing to control access to data.
AU – Audit and Accountability requires that there is a log of all transactions to ensure compliance. XQ’s policy-based key distribution logs every event including all failed key requests (i.e. it’s impossible to do anything without generating a log entry in the XQ system). All of the XQ logs are indexed to enable search/sort functionality.