Embed Size (px)
DESCRIPTION
Citation preview
IT Foundation Management for Compliance
Your business is built on IT
Meeting the Compliance Challenges in the IT Foundation
Page 2
IT Foundation Management
Security Foundation
Closing the Foundation Gap• Role-based access and control• Record the 5 Ws• Complete forensic history
Compliance FoundationMeeting Intent & Interpretation• Control subsystems changes• Detect compliance events• Build auditable history
IT Operations Foundation
Doing More with LessUniversal, integrated
environment•Optimized automated process •
Secure remote management•
IT Services FoundationDelivering on CommitmentsSense and Respond in real-
time• Correlate across the
architecture• Proactively manage and
protect• TDi Technologies Your business is built on IT
Page 3
What is the IT Foundation?
Servers… Network Gear… SANS… Operating Systems…
Networks…Databases… Appliances…Virtual Machines…
Blades…
Environment…
The IT Foundation includes all of your:
And is supported by:
I’m Joe…Solaris Systems Administrator
Steve,I’m a SANS Administrator
Cheryl,Oracle DBA…
Hi. Raphael.Network Administration
Hi I’m Tania,Linux Systems Administrator
Dave,Independent Consultant
Chris here…Tools Manager
Michael…VM Administrator
TDi Technologies Your business is built on IT
Page 4
IT Foundation Management
I’m Joe…Solaris Systems Administrator
Steve,I’m a SANS Administrator
Cheryl,Oracle DBA…
Hi. Raphael.Network Administration
Hi I’m Tania,Linux Systems Administrator
Owen,IT Operations Manager
Rhet here…Tools Manager
DELIVERS:
Foundational System Unified Security Model Advanced Compliance Practice Transparency & Oversight
DRIVING:
Control Simplification Common Practices Transparency Reliability Quality
YIELDING:
Automatic documentation Unified role based access & control Improved Governance Reduced Risk Information Assurance Persistence – never loses control
Michael…VM Administrator
TDi Technologies Your business is built on IT
Privileged Actors
Privileged Interfaces
Page 5
IT Foundation Compliance Challenges
TDi Technologies Your business is built on IT
Joe, Solaris Sys Admin
Steve,SANS Admin
Cheryl,Oracle DBA…
Raul,Network Admin
Tania,Linux Sys Admin
Michael,VM Admin
Daily Changes Occur:Break/Fix, Incidents, Configuration,
Patching, and Maintenance
Consequences Include:Undo Risk and Cost to the Business
Inadequate Records
FTE Back-filling Gaps
Fines
Human Error
Service Disruptions
Sensitive Data Breaches
Lack of Control
Out-of-policy activity
Out-of-policy access
Lagging Response (often long after-the-fact)
Compliance Requires:Change Control and Documentation
Inaccurate information
Incomplete records
Documentation lag
Large time consumption (cost)
Impossible to verify
Lack of transparency/oversight
Yet foundational changes are often recorded manually, resulting in:
Page 6
With IT Foundation Management:
TDi Technologies Your business is built on IT
All Foundational Changes are Recorded Automatically…
I’m Joe…Solaris Systems
Administrator
Steve,I’m a SANS
Administrator
Cheryl,Oracle DBA…
Hi. Raphael.Network Administration
Hi I’m Tania,Linux Systems Administrator
Michael…VM Administrator
Normal Operatio
n
Maintenance
FailureConfigur
ation
…in All Modes.
Page 7
Simplifying Work While Improving Change Records
Determine action
Implement change
With the Traditional Approach, Privileged Actors need to…
With IT Foundation Management,Privileged Actors need to…
Open documentation
system
Recall details of change made
Manually document changes
Resulting in documentation that is…ManualInaccurateIncompleteInconsistentCostly to produce
Determine action
Implement change
Resulting in documentation that is…AutomaticAccurateCompleteConsistentNo FTE cost
TDi Technologies Your business is built on IT
Page 8
Command and Control
TDi Technologies Your business is built on IT
No Threat.No Action Required.
IT Foundation Management Delivers Real-time Policy Enforcement
Resulting in Real-Time Foundational Command and Control
Real-time scanning of Privileged User Activity
Script Engine for Complex and Wildcard Rules
Control over Sessions – including Termination
Configurable Alert Priorities
Custom Actions (email, text, terminate)
Unlimited Rules Support
Directly Embed Compliance Rules in Scans
Their activity is scanned in real-time
against Policies
Business Rules
Privileged Actors perform their
Work
Break/FixIncidentsConfigurationPatchingProgrammingHousekeepingMaintenanceInstall software
Threat!1. Generate Alert2. Terminate Access3. Etc…
Page 9
Reducing Risk to the Business
TDi Technologies Your business is built on IT
Inaccurate documentation
Undocumented changes
Unnecessary complexity
Little or no control capability
No means of verification
Lack of accountability
When mistakes happen in the IT Foundation, the business is placed at risk.
RISK
Automatic Documentation
Absolute Accuracy
Dramatic Simplification
Real-time Command & Control
Definitive Verification
Explicit Accountability
Reducing our risk exposure is always a good thing. When it includes addressing regulatory, security and operational challenges the value adds up fast.
CEO
“
Page 10
Compliance Benefits
Control
Scans actions as they are taken
Powerful Script Engine for complex business rules
Automated actions (email, text, terminate session)
Auditing
Automatic capture of privileged user actions
Easy reporting against ITIL processes and CMDB records
Unified role-based access and control over privileged interfaces
Benefits
Reduce Risk Footprint
Avoid Fines
Eliminate Service Disruptions
Stop Breaches
Gain Visibility
Change Records
Automatically documents all privileged user changes
Persistent in all modes
Records in real-time
Digital signing of records for forensics/auditing
TDi Technologies Your business is built on IT
Page 11
How to Engage TDi Technologies
Web: www.tditechnologies.com/contact
Email: [email protected]
Phone: 1-800-695-1258
TDi Technologies Your business is built on IT
