Proactive Security Management - Large Enterprise Business - HP
Proactive Security Management - Large Enterprise Business - HP
Proactive Security Management - Large Enterprise Business - HP
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Complying With Changing Regulations<br />
Problems with privacy and lack of security have had enough press and public attention to induce widespread<br />
and far-reaching changes in the way we interact with governments, businesses, and organizations.<br />
Legislative organizations, standards bodies, and industry-specific groups have created laws, standards,<br />
and certifications to guide or mandate how we create, store, use, and communicate information.<br />
In the U.S., for example, the Sarbanes-Oxley regulation requires public companies to show that they<br />
preserve the integrity of corporate financial information and take steps to protect that information<br />
from unauthorized access. Another U.S. example is the Health Insurance Portability and Accountability<br />
Act (HIPAA), which requires enterprises to take meaningful steps to preserve the confidentiality of customer/patient<br />
information. Controls such as these drive the functionality of the security infrastructure<br />
and require proof of compliance by methods of auditing and event logs.<br />
<strong>Proactive</strong> <strong>Security</strong> <strong>Management</strong> Framework<br />
<strong>Proactive</strong> security management is comprised of three subcategories:<br />
• <strong>Security</strong> management processes<br />
• <strong>Security</strong> management tools<br />
• Enabling technologies<br />
<strong>Security</strong> <strong>Management</strong> Processes<br />
Simply having technology and tools does not ensure proactive security management. A combination of<br />
people, procedures, and technologies is required to fully implement a proactive security management system.<br />
Although most companies recognize the importance of preventing and managing information security<br />
incidents, many have limited knowledge of how to do this effectively. And few companies have designed<br />
and implemented incident prevention and management processes. This results in companies responding<br />
reactively to incidents and losing millions of dollars each year in cleanup efforts. Awareness and training are<br />
important security tools. Capturing and documenting best practices helps to continually improve capabilities<br />
and avoid security incidents—or at least respond effectively to them.<br />
<strong>Security</strong> <strong>Management</strong> Tools<br />
Certain tools make proactive security management more effective, more efficient, and less complex.<br />
Critical tasks for these tools include gathering and correlating security events; coordinating and automating<br />
responses to attacks; monitoring, testing, and managing patch and update status; prioritizing vulnerabilities<br />
and responses based on the scale of the threat; and linking to business objectives.<br />
Gathering and Correlating <strong>Security</strong> Events<br />
Although most companies<br />
recognize the importance of<br />
preventing and managing<br />
information security incidents,<br />
many have limited knowledge<br />
of how to do this effectively.<br />
Ideally, management tools collect and report faults from a wide range of subsystems in a centralized<br />
fashion. Effective reporting, however, can generate a lot of information. Event filtering tools help system<br />
administrators focus on the critical issues.<br />
To be most effective, the tools not only report on specific incidents, but also on broader usage and<br />
trends. For example, information from several devices may not reach the alarm threshold for each<br />
device, but the information might expose a blended attack or an attack that is trying to remain<br />
undetected. Correlating information from different devices assists administrators with finding root<br />
causes, determining effects, and making efficient decisions.<br />
<strong>Proactive</strong> <strong>Security</strong><br />
<strong>Management</strong><br />
3–5