Compliance

Rapid proliferation of unmanaged, IoT, and IoMT devices creates a rapidly growing attack surface that must be secured. Besides addressing cybersecurity requirements, many of these devices must also comply with radio frequency and immunity criteria set by regulatory bodies. These include the U.S. Federal Communications Commission (FCC), EU Radio Equipment Directive (RED), and Canada's Innovation Economic Science and Development (IESD) certification. Organizations can rely on Ordr to help them quickly identify devices or device fleets that run legacy operating systems, have been banned, or must be tested and certified to maintain compliance.

The Solution

Simplify Compliance

Ordr enables organizations to address a variety of compliance requirements by delivering visibility into every connected device. Machine learning automatically profiles each device's communication patterns and maps them via the Ordr Flow Genome to reduce exposure to known and zero-day threats. With a single platform, Ordr enables your team to see every device, understand those at risk, and take proactive measures to bring them into compliance.

Know Every Device

Discover every device and maintain an inventory of those that store sensitive information or must comply with specific regulatory requirements. Ordr’s discovery and classification engine can correlate device data with existing inventory and management solutions, providing granular details and real-time visibility.

Identify Noncompliant Devices

Ordr visualizes device communications within the network, including VLANs and subnets, making it easy to quickly identify non-compliant devices. Automatic policy generation enables you to isolate these devices and enforce security policy on your existing infrastructure.

Validate Risk Levels

Ordr validates the vulnerability, threat, and risk level of devices by comparing them to threat intelligence feeds, vulnerability databases, security advisories, and vendor recalls and alerts. Ordr also detects the use of weak ciphers, default passwords, and non-trustworthy certificates to bring devices into compliance. Reports are available for auditors.

Align with Industry Standards

Ordr addresses four of five NIST functions with its ability to discover, classify, assess, and quickly segment devices that are at risk. It also enables you to easily bring devices into compliance and align with specific framework requirements. For example, PCI DSS 3.2 requires enforcement of network monitoring and data access policies. Isolate and secure payment card systems within their own VLANs. Enforce device policies across network access control (NAC) products, firewalls, and switches.

Monitor Communications

Ordr uses machine learning to profile and map each device’s communication patterns via the Ordr Flow Genome. Continuous monitoring lets you- know when devices try to connect to unauthorized networks, communicate with malicious sites, or transmit anomalous data.

Benefits

Proactively reduce risk to support compliance

: Address multiple regulatory compliance requirements with one platform
: Identify devices and communications involving regulated data, such as PCI and ePHI, to enforce data controls
: Limit access to approved devices/locations/protocols using micro-segmentation policies
: Monitor devices for risks including vulnerabilities, active threats, anomalies, bad URL/ site connections, and other malicious activity
: Identify banned devices to comply with the National Defense Authorization Act

Resources

Bringing Ordr to CMMC Compliance for Unmanaged Devices

Learn how organizations can leverage Ordr Systems Control Engine (SCE) to meet CMMC standards for traditional managed devices, unmanaged devices, network, IoT and OT devices. Download the whitepaper.

Download Now

FIPS 140-2 Validation

Ordr has engaged Ubuntu/Canonical to perform FIPS 140-2 validation testing for the cryptographic modules used by Ordr. Read the bulletin now.

Learn More

NIST Cybersecurity Framework and Ordr

Learn how Ordr uses the NIST Cybersecurity Framework to help you identify, protect, detect, respond, and recover when security threats arise. Read the whitepaper now.