Silver Bullet for Compliance

By | December 30, 2006

No-one in business today can be unaware of the compliance challenges facing the IT team in protecting company assets and processes. The statistics are clear, abundant and all around us, leaping from headlines on a daily basis; massive financial losses associated with security non-compliance are commonplace, as are high-profile court cases about staff misuse of email where internal policies have failed, along with punitive fines for software license infringement.

What is less clear however, is the strategy that is best employed to satisfy requirements.

Newly available integrated software tools that automate many of the standard required functions and report in real time may hold the answer, particularly for IT professionals working in the SME sector where the challenge is even steeper. In the past these organizations have been unable to invest in the resources, systems and staff that their larger brethren can call upon – yet the problems they face are identical.

Strategy and planning can easily become a wistful dream in the hurly-burly of daily fire fighting. Yet ignoring compliance issues inevitably spells trouble, as things left on the backburner tend to boil-over in time.

First and last: compliance is the key

Security and compliance are now more interconnected than ever and integrated software tools can provide easy-to-manage automation for IT managers. They often include quite broad portfolios of tools that save time and put the IT manager in better control of the network and how it performs.

Those considering this route should look for products which include features such as automated alerts and tools for threat removal, policy enforcement, data loss prevention via the USB port, network discovery and inventory management along with a range of configurable reports to satisfy board and departmental queries.

Under attack

Security threats can arise from any number of sources from intentional attacks via the internet, from unguarded or poorly educated staff, or malicious attacks from internal sources. To handle the variety of issues effectively, the IT manager must juggle an increasing array of security products designed to increase perimeter security, including anti-virus software, firewalls, IPS, IDS etc. Each system produces quantities of data, which must all be analysed and prioritised.

To make sense of the data and ensure compliance, the IT manager needs to view activity levels across the entire PC environment. Armed with this information, faster and better decisions can be made to remediate a range of security issues and deliver a higher degree of control to the IT team.

Lock and load

Making sure that software is compliant (patched and updated appropriately), is a time-consuming and often thankless task. However, it is important that it is done quickly and effectively, particularly if it´s anti-virus software that needs to be updated with the latest worm signature, for instance.

To save time, the process can now be automated and administered from a central console which can also remove services and applications when appropriate, restart computers remotely or delete files, control the use of shared drives or folders and update registry entries.

Leave a Reply