Get a holistic view of your security and compliance posture

The CIO-level business angle on the latest tech

Details of the Hannaford Brothers Cos. Data breach are still coming to light, but early indications are that the company had passed its certification for PCI DSS compliance. Theoretically, this means the company had security measures in place intended to prevent the data theft and ensuing fraud that is now well known. It’s now painfully obvious that whatever measures were in place still left areas of vulnerabilities that were exploited by some pretty determined hackers. This scenario is yet another reminder that security threats are growing in their sophistication and in the amount of damage that can be done.

Enterprise organizations throw tons of money and lots of resources at the problem each year. It’s just possible that the way the problem is approached is partially responsible for the vulnerabilities that still exist – or at least the fact that vulnerabilities (or actual breaches) go undetected.

Many companies create organizational “silos” to address network operations, security operations, and IT GRC (governance, risk and compliance). This separation of duties is actually a good thing, as it deters inside risks such as collusion. The problem, however, is that all of these internal organizations use their own tools and collect their own data in their own formats and store the data in their own repositories in order to do their jobs. As a result, there are multiple repositories of independent data that is rarely, if ever, correlated and viewed holistically. What does this mean? In simple terms, things fall through the cracks.

Companies deploy point solutions like intrusion detection systems (Compare IDS products); security information management (Compare SIM products); network access control (Compare NAC products); enterprise systems management; network behavior analysis (NBA); and a range of other tools to gather data, and monitor and remediate performance and operations (Compare Network Monitoring and Management products). But if/when something unusual happens and the experts have to delve into their logs to see what’s going on, there is a time lapse in manually relating information from one source to another. Depending on the length of the time lapse, considerable damage can be done. It’s important, then, to be able to correlate the data quickly to maintain a secure and compliant environment.

To continue reading, register here to become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Details of the Hannaford Brothers Cos. Data breach are still coming to light, but early indications are that the company had passed its certification for PCI DSS compliance. Theoretically, this means the company had security measures in place intended to prevent the data theft and ensuing fraud that is now well known. It’s now painfully obvious that whatever measures were in place still left areas of vulnerabilities that were exploited by some pretty determined hackers. This scenario is yet another reminder that security threats are growing in their sophistication and in the amount of damage that can be done.

Enterprise organizations throw tons of money and lots of resources at the problem each year. It’s just possible that the way the problem is approached is partially responsible for the vulnerabilities that still exist – or at least the fact that vulnerabilities (or actual breaches) go undetected.

Many companies create organizational “silos” to address network operations, security operations, and IT GRC (governance, risk and compliance). This separation of duties is actually a good thing, as it deters inside risks such as collusion. The problem, however, is that all of these internal organizations use their own tools and collect their own data in their own formats and store the data in their own repositories in order to do their jobs. As a result, there are multiple repositories of independent data that is rarely, if ever, correlated and viewed holistically. What does this mean? In simple terms, things fall through the cracks.

Companies deploy point solutions like intrusion detection systems (Compare IDS products); security information management (Compare SIM products); network access control (Compare NAC products); enterprise systems management; network behavior analysis (NBA); and a range of other tools to gather data, and monitor and remediate performance and operations (Compare Network Monitoring and Management products). But if/when something unusual happens and the experts have to delve into their logs to see what’s going on, there is a time lapse in manually relating information from one source to another. Depending on the length of the time lapse, considerable damage can be done. It’s important, then, to be able to correlate the data quickly to maintain a secure and compliant environment.

I’ve written before about tools that take the output of all these independent sources and correlate the data in one monitor (see “5 critical security questions that IT and corporate leaders are asking”). eIQnetworks takes a different approach to tying to solving the problem of disparate data; eIQnetworks has one integrated suite that does security management, change management, risk management and audit management. The idea is to use one tool and one data source to eliminate the operational islands and yield a holistic view of the network.

eIQnetworks packs a lot of punch into its SecureVue product. At the core of the product are Enterprise Security Management (ESM) capabilities, including log management, vulnerability analytics, configuration analytics, asset analytics, performance analytics, and network behavioral anomaly detection. End-to-end data is collected and correlated in one monitor and a vast dashboard with very detailed drill-down information. The network’s security and compliance status is in one enterprise-wide view. There’s real-time monitoring and alerting on violations, non-standard processes and more.

Linda Musthaler is a principal analyst with Essential Solutions Corporation.