Every industry has its own set of established regulatory guidelines and compliance policies for the smooth functioning of its business operations. Adhering to those guidelines and policies ensures the safety and survival of the organisations operating within that industry. By complying with these standards, an organisation provides a baseline of security requirements and reduces the risk of data breaches, which can draw hefty penalties and potentially destroy its branding, customer trust and eventually its business. Therefore, security and compliance are of prime importance to every organisation.
IBM plays an important role in this space by providing products like Z Security and Compliance Center. IBM Z Security and Compliance Center automates the collection of compliance data on z/OS and Linux on IBM Z systems. This solution not only provides predefined profiles for regulatory frameworks and security standards like PCI-DSS, CIS benchmark and NIST standard, but also provides the flexibility to create custom profiles as per business needs.
IBM Z Security and Compliance Center provides a web UI for a better usability experience, which can trigger validations against your desired profiles for selected systems. It also provides a dashboard view that shows a graphical representation of all results captured.
It provides a set of enhanced features and functionalities. One such important feature is the recurring scan, which is described below.
What is a recurring scan?
A recurring scan is a scan that can be scheduled in advance to run automatically on a specific date and time and at a specific frequency. Scheduling a scan for a future date and time is helpful for periodic reporting.
Why use a recurring scan?
You can customize the frequency of the scans to best fit your needs. It supports various frequencies such as hourly, daily, weekly and monthly.
The user can select the end time of the scan or the number of occurrences after which the scan should stop. It not only provides drift over time automatically but also lets the user download a report to find the delta between two scans.
Before you begin:
- Scope: A set of one or more target systems for validation through IBM Z Security and Compliance Center.
- Validation: The process of comparing collected compliance data (facts) with a profile.
Now let’s go ahead and create a scope and ensure the correct credentials are mapped in that scope.
How to schedule a recurring scan:
- Log in to the zSCC Dashboard.
- Navigate to the assess -> scans page.
- Select the scans tab.
- Click on create “new scan”.
- Enter the required details and select the scope against which you want to run the recurring scan. If you select an Oracle scope, make sure you select an Oracle profile only.
- Click “yes” on “Should this scan automatically repeat?” to enable the recurring scan.
- Enter the start date and time. Note that past dates and times are not allowed.
- Select the frequency as per the requirement. Select how many recurring scan occurrences you want, or select an end date for the recurring scan.
IBM Z Security and Compliance Center provides the detailed results of a recurring scan on the same page, which gives a clear idea of how and when each scan was triggered and makes it easy for the user to view the detailed report.
The automatic drift-over-time graph helps to visualize compliance data for a given time period. The delta report is best used with recurring scans to find the delta between two recurring scans, whereas for all scans, IBM Z Security and Compliance Center provides the capability to download a detailed report.