Posts tagged: 'protective monitoring'


Compliance – Time to Change the Future

‘He’s having the worst day of his life… over and over again.’

Ring any bells? It’s the strap line from the film Groundhog Day which sees Bill Murray’s character, Phil Connors, caught in a time warp – repeatedly waking up to find that things are exactly the same as the day before.

The film charts Connors’ frustration at being faced with the same situations every single day and seemingly unable to start the next day afresh.

Whether it’s travelling the same daily commute, or having repeated discussions about the latest information security regulation directive, I’m sure we’ve all related to that character at some point. Particularly if you are a miserable old curmudgeon like me (in fact I think you will find that Bill Murray based his screen persona on yours truly….)

With a seemingly endless list of new or amended regulations being introduced, it’s no wonder that IT security professionals can often feel like they’re stuck in their own Groundhog Day.  No sooner does an organisation achieve compliance for one regulation, than another comes along, often bringing with it a sense of déjà vu for all involved.

Take the Payment Card Industry Data Security Standard for example. The first standard was introduced in December 2004, with the most recent revision in 2008, and an updated version due this October.  As such, the regulation seems to have been around for an eternity and it’s no wonder that mentioning the subject will trigger a glazed response from many in the industry.

This rings even more true in the public sector, where there seems to be a never-ending stream of new initiatives and guidelines relating to information management and technology infrastructures. In the UK alone, organisations are faced with, for example, GSI/GCSX, CoCo compliance and latterly the Memo 22 replacement, Good Practice Guide 13 (GPG 13).

Information security is an ever-changing beast. As technology evolves, so do the risks posed, which is why it’s imperative that organisations – public and private – don’t become complacent when it comes to compliance.

As Bill Murray found in Groundhog Day, the only way to escape the monotony of his time warp was to re-assess his attitude to life. Of course I’m not suggesting for one minute that we turn our lives upside down, but there’s a lot to be said for taking a proactive approach when it comes to guarding against risk.

In every information security related regulation, there’s a requirement in some shape or form to protect the information being held by the organisation – from credit card details to children at risk records.  Despite this, all too often security incidents are discovered after the event, once the damage has been done.

Protective Monitoring tools such as LogRhythm’s bring a new proactive dimension to information security, fulfilling multiple compliance requirements in the process. By centralising and automating how log data is managed, organisations can gain a clear insight into network and user behaviour. Any irregular activity is automatically flagged in real time, while reporting for compliance purposes is simpler and less time-consuming.

As with most Hollywood films, Bill Murray’s ultimate goal was to get the girl. While I can’t guarantee that LogRhythm will bring similar results, it will help ease the Groundhog Day frustrations for those facing the continued compliance struggle.

Unless you’re happy living in Punxsutawney of course….


File Integrity Monitoring – an Automated Nanny for your Network

So it occurred to me today how wide-ranging the requirements of File Integrity Monitoring (FIM) are… they have even moved into everyday life. I had just got the children ready for nursery, all wrapped up and ready to go, and stepped out of the room to get the car keys; when I came back in I had two half-dressed children and a dog dressed head to toe in Baby Gap!

The same story is sadly true in addressing business objectives regarding technology.  During the implementation of a server base everything is tested and retested to ensure conformity to standards.  Over time though, because of change control breaches due to operational urgency for fixes, processes can then start to deviate from the accepted norm.  This variance can then lead to further problems as upgrades and new software may work on some systems and not others.  The conformity is then lost and workload increases.

With audit-driven requirements such as the UK Government Standard GPG13 (the new benchmarking standard for GCSX CoCo), PCI:DSS, and ISO27001, there may be a considerable period of time from the install of the system until it is next formally audited. During that period the Security & Compliance Officer (SIRO in UK Government terminology) may be under the false assumption that everything is as it was when they last looked at it. Additionally, there are requirements in these standards to monitor access to protected or sensitive information. FIM can continuously monitor and automatically notify when something undesirable occurs – the equivalent of the baby monitor alarming or the dog barking when clothes are “transferred” from a child to the dog.

Using LogRhythm’s File Integrity Monitoring agent, both auditing and operational requirements can be met. Whether detecting deviations from normal operations or continuously monitoring sensitive information for PCI:DSS, it can notify in a timely and user-friendly manner that something undesirable is happening. Now… if only I can get something similar developed for the kids!
