Compliance

When it comes to compliance you can’t be blind to physical security issues that can turn into compliance nightmares.  Whether its internal standards specific to your company, or public standards like SOX, PCI, SOC 2, and others, you need an automated approach based on scientific analysis to always be checking.  If you currently use manual methods (or even worse, opinions and guesswork), Viakoo can save you serious money and potentially your reputation.

Physical Security Compliance Standards

Internal Compliance:  Many organizations have internal policies and procedures involving physical security.  Viakoo has many customers who receive immediate payback on purchasing Viakoo by replacing manual methods with automation for ensuring compliance.

SSAE 16 Audits and SOC 2 Reports:  The SSAE 16 audit determines if the datacenter has sufficient physical security solutions, such as biometric access controls and CCTV surveillance.  SOC 2, Type II Reports not only confirm that data center security and operational procedures have been reviewed and tested by an independent certified auditor, but they also validate that your facilities’ controls and processes are designed to safeguard customer equipment and data. Viakoo provides on-demand reports to prove compliance, as well as failure alerts to help you minimize time you are out of compliance.

PCI: The PCI 3.1 DSS (specifically Requirement 9) requires the use of cameras to provide physical monitoring of facilities and devices where credit card data is stored.  To be PCI compliant means ensuring such cameras are operational.  Viakoo’s reporting engine provides push-button reporting to assist in a PCI audit.

Sarbanes Oxley:   In addition to the financial side of a business, such as the audits, accuracy and controls, the SOX Act also outlines requirements for information technology (IT) departments regarding electronic records. Sections 303 and 404 require physical security to be part of the scope of audits.  Viakoo provides an automated approach to auditing that meets the Section 303 requirements, and provides proof of internal controls as required by Section 404.

FFIEC:  Federally insured banks are subject to the Federal Financial Institution Examination Council rules and guidelines, which includes use of physical security technology such as video surveillance.

How Viakoo Makes Compliance Easier for You

Ensuring compliance to either public or internal requirements is made easier with a number of features found in the Viakoo solution.  While there is a range of compliance requirements, only Viakoo provides you with a comprehensive set of tools to ensure you meet all of them.

Viakoo helps you with compliance by:

Compliance Metrics:  Viakoo automatically calculates video path uptime (VPU) and video retention compliance (VRC), which are critical for compliance by showing that video evidence is being recorded properly, and the video evidence is stored for the required retention period.

Self discovery:  All devices connected to the physical security network are automatically detected and identified.  No manual entry of data or location.

Reference database:  Changes made to the system are automatically logged.  If there is a change in the environment it can be identified down to the minute when it happened.

Failures Automatically Detected and Alerted: At the earliest stages of your system becoming non-compliant, Viakoo automatically sends alerts with detailed information on the failure and how to fix it.

Threshold Setting:  As internal policies often differ, Viakoo gives you control to set key threshold ranges across hundreds of specific performance factors within and across the components on your network.

Audit Trail:  The Viakoo solution has an integrated ticketing environment, where issues can be assigned to team members to be fixed.  When fixed, the system automatically detects and logs the fix.

Inventory: Viakoo automatically detects and reports on all components connected to your network. Tracking down unapproved components is simplified with on-demand inventory reporting, and alerting on component additions or change-outs.

Lets Get Started – Please Contact Me