According to the law, it is mandatory to keep such records for a period of no less than one hundred and eighty days and to provide at least an annual check by the data controllers on the compliance of the System Administrators, with the organizational, technical and security measures required by law.
Among the systems for which the law prescribes access control as necessary, there are ERP systems, Data Base systems, or other servers or devices, among which could in some cases also include workstations.
Sedoc Digital Group has created a simple and inexpensive solution for controlling the access of system administrators.
Free supply of the virtual appliance used to register accesses (Logon and Logoff) by System Administrators.
Monitoring, every three months, of the proper functioning of the proposed solution, in particular:
– Checking of the correct operation of the virtual appliance;
– Checking of the execution of log storage processes;
– Checking, where requested by the Customer, of a previously stored log recovery process.
Updating, when necessary, to guarantee compliance of the functional specifications of the virtual appliance, its configuration and physical resources made available to the appliance (RAM, CPU and disk space).
Support, when necessary, to the Company Security Manager for the use of the proposed solution.
Operators are available to customers from 8.30am to 6.30pm continuously, from Monday to Friday, excluding public holidays.
The Corporate Security Manager or client Data Controller may access the virtual appliance in a confidential and secure manner using the appropriate confidential credentials. The Sedoc Digital Group staff will train and provide appropriate instruction for operating with the IT solution to the Corporate Security Manager or Data Controller.
At the end of each operative intervention, a Data Center intervention report will be provided to the Customer with the following information:
Name and surname of the person who opened the call;
Description of the problem;
Date and time of cal lopening/closing.
Sedoc Digital Group s.r.l states that the IT solution implemented for System Administrator Access Control is able to record and manage System Administrator Access logs in the methods provided for in the System Administrator legislation (“Measures and mechanisms required from data controllers of processing with electronic instruments for assignment of system administrator functions”, web documents no. 1577499 and 1626595) of 27 November 2008 published in the Italian Official Journal no. 300 dated 24 December 2008.