cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Windchill Security Audit Logging and requirements for traceability of malicious behavior.

LNissen
5-Regular Member

Windchill Security Audit Logging and requirements for traceability of malicious behavior.

Monitoring and identifying security threats and malicious activity has continued to become a top priority across many different industries and business segments world-wide.  Standards continue to be updated, and enforcement of these standards is required for many doing business in these regulated areas (ex. In the US NIST has documented expectations related to DFARS and CMMC with new requirements in 2020).  To better understand expectations that may be required to enhance the existing Windchill security auditing functionality associated with this increased security visibility, it would be helpful to know what types of concerns are being identified as gaps.  More specifically, what security events may be required to be added/updated?  Does the current security event auditing provide the traceability needed to meet regulatory audits around security traceability?

 

Examples:

  • Identifying changes to a user's permissions by an administrator to elevate permissions without prior approvals.
  • Changes in the Windchill configuration made by an administrator with no justification, allowing malicious behavior to occur.

 

1 REPLY 1
dpoisson
5-Regular Member
(To:LNissen)

From an A&D Company perspective, all possible actions in Windchill and Navigate must be available as events for security audit logging. 

Additionally, Audit Logging should include the following information to enable ease of determining how access was granted for the event.

Security Labels

Birth Country

Citizenship

Company

Company Country

Agreement Object Id

Agreement Object Name

Agreement Object Number

 

Announcements