- Microsoft lays out SQL Server road map
- Credit card skimming
- Nortel's stock market capitalization plummets
- The Obama campaign's Search Engine to Nowhere
- Will Apple be forced to make more money?
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Test your Web Filter | Value of WDS
There’s good news and bad news about data center security, according to Nemertes’ just-published “New Data Center” benchmark.
First, the good news. Almost 80% of enterprises (both large and small) have a data center-specific security policy defined, and of those with policies, more than 80% regularly test compliance with them.
The bad news: Regarding operational security monitoring, the picture’s not so rosy. Although everybody engages in some level of system logging (whether solely for security reasons, or in support of regulatory-compliance efforts as well), fewer than 30% of companies log all systems, and fewer still collect the logs at a central location for review and analysis. In fact, most logs are left in place and never reviewed except in the heat of a crisis, or worse, in the aftermath. IT has been letting sleeping logs lie (sorry!), hoping they won’t bite when they wake.
That’s not acceptable. Security and compliance are increasingly high-profile in most enterprises, as we’re finding in the current benchmark on Security and Information Protection, and letting sleeping logs lie isn’t going to cut it. The key thing that has to change is for enterprises not just to gather but also to use the logging information.
Specifically, they need to analyze it and to correlate it across systems. They also need to integrate information from other tools such as network and system monitors, policy managers, and trouble-ticketing systems.
Unfortunately, as a stroll around the recent RSA Conference floor illustrated all too well, enterprise security is in the same position as enterprise systems monitoring and management generally: awash in point products that don’t integrate (or not well). That means IT executives need to look in dozens of places to find things out.
What IT executives need instead are tools that are able to work together, especially tools that function as a central aggregation point for displays and alerts. In other words, what’s required is a security console that can act as a single pane of glass for security tools of many types.
There are certainly products out there, from a variety of vendors, that are or try to be ready to serve in that position. Fewer, though, are ready to themselves be plugged into some other console, whether a general enterprise monitoring system or some other security manager.
Rss FeedRss Feed
Ever since there have been stocks and shares there have been so called "pump 'n' dump" scams. This...
Spyware: Know Your EnemyLike Macavity, the fictional feline in T. S. Eliot's well-known poem, spyware may be considered to...
The Online Shadow Economy: A Billion Dollar Market For Malware AuthorsMalware, meaning computer viruses, trojans and spyware, is about money. The teenagers who wrote...
Microsoft SQL Server has enjoyed phenomenal success as a database server. Its relatively low cost,...
Minimizing the Risk of Information Security Breaches: Best Practices for SOA Governance and Compliance - Live October 21Today's enterprises face more information security risks and vulnerabilities than ever before....
Migrating to Windows Vista: Necessity and OpportunityThe Vista era of Windows is here. Yet most organizations will retain Windows XP alongside new Vista...
Managing a newly virtualized environment can be tricky. Effectively deploy this technology with the...
Data Center DecisionsData Center Decisions Made Easier. Learn about the latest tech trends that impact your data center...
Closing the Loop: Extending Wireless LAN Security to Wireless PrintersEnterprises cannot overlook wireless printers when assessing network security. The print jobs and...
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Explore the Ultrium Edge
The powerful tape technology can address data security with tape encryption as well as long term data protection.
Find out more
Disk and Tape Square Off
Discover what disk and tape really cost -- and which solution provides lower total cost of ownership and optimizes energy use for your organization
Download the White Paper
Don't Fall For The Myths
The Clipper Group explores the truth behind the myths of tape, digging into the misconceptions in the disk vs. tape debate.
Download the White Paper
Will You Add Tape Too?
Over two thirds of disk-only users look to add tape back into storage infrastructure according to recent survey.
Download Survey Information
Comment