The ABCs of Security and Compliance
Understanding security and compliance is as easy as ABC: Access, Breaches and Changes. At a distance security and compliance share many similarities. As you get into the details, what you'll find is that their implementation differs though the steps to achieve end result (secure and compliant) may achieve both.
(A) Access control to the network resources is the most important role for IT. Granting, denying, monitoring all involved some form of privileged and systemic action to meet the needs of your end users. You will want to see who has access to what in snapshot reports of your environment including what access did users have previously as compared to the current state. For example, who has access to this folder now and who had access to it 6 months ago.
(B) Breaches are your virtual border crossings of information and access. For security and compliance, you need to report when users do something in case it is incorrect or damaging. Because of network complexity and existing rights that may not suit the users roles, you need to monitor who breaches data and resources using their granted permissions and rights. Just because a user has a right or permission does not mean they should be exercising it. You need detailed access reports on all uses of permissions both failed and successful throughout the environment.
(C) Changes are your worst enemy when it comes to meeting security and compliance objectives. You need configuration auditing to uncover the details of each change including who changed what permission and when on files, Active Directory OUs, SharePoint sites, SQL databases and so on. Knowing who changed what security groups and when, and even who changed the security policy to retain logs from 30 days to 2 helps sustain compliance and improve security. Do this change auditing task on a regular basis and you are simultaneously improving both security and demonstrating compliance.
According to Forrester, configuration auditing is the #1 security technology for next 3 to 5 years because of the increasing number of data breaches and current regulatory environment.
Access, breaches and changes are your three ABCs to meeting your security and compliance goals. This is an ongoing activity of producing snapshot reports, access reports and configuration auditing (including change auditing) that must be performed daily if not very frequently in order to be successful at these two objectives.
"It can be difficult to know what changed, when it changed, and who changed it. Add the dimension of time and it can be a full-time job for one admin. Add regulatory compliance and you'll need to hire a full crew to keep up the changes over time." – Michael Domingo, Executive Editor of MCPmag.com (read the Top 5 Horror Stories associated with poor IT infrastructure auditing >>).
Netwrix provides information technology audit solution for your compliance and security ABCs simply and easily. Using AuditAssurance™ and AuditIntelligence™ technologies, data is complete and accurate extracted from multiple sources, stored as single records and reported daily (or more frequently) to show your access, breaches and changes throughout the network.