Question FIDP-06
Do you employ host-based intrusion detection?
| Weight | 25 |
| High Risk | Yes |
| Required | Yes |
| Compliant Answer | Yes |
Standard Guidance
EDUCAUSE provides no guidance here
Answering "NO"
Describe your plan to implement host-based Intrusion Detection System capabilities in your environment.
Answering "YES"
Describe the currently implemented host-based IDS solution(s).
Reason for Question
It is important to have detective capabilities in an information system to protect institutional data. Because this is somewhat expected in information systems, vendors without IDSs implemented should raise concerns. Compensating controls need future evaluation, if provided by the vendor.
Follow-Up Inquiries
Ask the vendor to summarize why host-based intrusion detection tools are not implemented in their environment. What compensating controls are in place to detect configuration changes and/or failures of integrity?
HECVAT Pro Advice
[Add expert insights and best practices]
Implementation Tips
[Add practical steps for SME SaaS vendors]
FAQ
[Add common questions related to this HECVAT item]
Resources
[Add links to relevant articles or tools]