Get a holistic view of your security and compliance posture
If security and compliance are hot buttons in your shop check out eIQnetworks' SecureVue
IT Best Practices Alert
By
Linda Musthaler
,
Network World
, 04/14/2008
Sign up for this newsletter now!
Linda Musthaler's CIO-level look at the latest networking technologies and their benefits and pitfalls.
- Share/Email
- Tweet This
- Print
Details of the Hannaford Brothers Cos. Data breach are still coming to light, but early indications are that the company had passed its certification for PCI DSS compliance. Theoretically, this means the company had security measures in place intended to prevent the data theft and ensuing fraud
that is now well known. It’s now painfully obvious that whatever measures were in place still left areas of vulnerabilities
that were exploited by some pretty determined hackers. This scenario is yet another reminder that security threats are growing
in their sophistication and in the amount of damage that can be done.
Enterprise organizations throw tons of money and lots of resources at the problem each year. It’s just possible that the way
the problem is approached is partially responsible for the vulnerabilities that still exist – or at least the fact that vulnerabilities
(or actual breaches) go undetected.
Many companies create organizational “silos” to address network operations, security operations, and IT GRC (governance, risk
and compliance). This separation of duties is actually a good thing, as it deters inside risks such as collusion. The problem,
however, is that all of these internal organizations use their own tools and collect their own data in their own formats and
store the data in their own repositories in order to do their jobs. As a result, there are multiple repositories of independent
data that is rarely, if ever, correlated and viewed holistically. What does this mean? In simple terms, things fall through
the cracks.
Companies deploy point solutions like intrusion detection systems (Compare IDS products); security information management (Compare SIM products); network access control (Compare NAC products); enterprise systems management; network behavior analysis (NBA); and a range of other tools to gather data, and
monitor and remediate performance and operations (Compare Network Monitoring and Management products). But if/when something unusual happens and the experts have to delve into their logs to see what’s going on, there
is a time lapse in manually relating information from one source to another. Depending on the length of the time lapse, considerable
damage can be done. It’s important, then, to be able to correlate the data quickly to maintain a secure and compliant environment.
Linda Musthaler is a principal analyst with Essential Solutions Corporation.
Comment