Making Your Security Configuration Data a Business Enabler

Wednesday, July 18, 2012

The state of IT security configurations is the best possible indicator of the enterprise organization’s overall security readiness.

It helps answer important questions like:

  • Are the systems that support our key business initiatives secure? and,
  • Do we know our risks well enough to mitigate them and move ahead with confidence—or do we need to spend more money on preventive security?

Yet until recently, you were supposed to answer these types of questions with reports consisting of arcane warnings and complex configuration descriptions like “ just failed CIS 1.9.6 and is allowing anonymous SID/ name translations.”

When enterprise organizations invest time and money developing security configurations for systems in their various data centers, they want to know that progress is being made toward their implementation.

The organization’s executive staff needs high-level evidence of this, while system operators need detailed information that shows specific system shortcomings that they need to fix or proof that they are making gains.

Configuration Data Mart gives you visibility into these two vastly different views of the same data. To do this, you would use Asset View to associate a risk level tag with each system check or test. You would also associate risk level, system layer, platform and data center location tags with each monitored system.

Then you could generate a report in which tags can be used to expand or collapse the report to show system operators a detailed view and executive staff any number of “rolled up,” higher-level reports that show overall progress.

(This content is provided as a promotional consideration for our marketing partner Tripwire)

Download the full Configuration Data Mart whitepaper here:

Enterprise Security
Information Security
Enterprise Security Network Security Configuration metrics Data Center TripWire Network Security Monitoring Configuration Data Mart
Post Rating I Like this!