Using systems management tools in IT security

Chisel or sharpened screwdriver?


Workshop: Every IT professional recognises the importance of securing the IT systems that are now at the heart of many business processes. This recognition goes beyond simple deployment of security technologies.

As Register readers have told us, drivers such as compliance with regulatory pressures, minimising financial risks, securing corporate data and protecting a company’s brand are all important aspects of what we might term 'IT Security' today. No wonder, then, that its significance in continuing day to day operations is now recognised as a fact of IT life.

This recognition places greater stress on the overall management strategies that organisations need to secure IT operations. Such strategies generally depend upon using systems and security management tools effectively; the alternative is to implement labour intensive processes using scarce human resources.

It is also a fact that organisations are looking to continuously deploy new and updated services and to make use of an ever-growing range of tools and devices. Specialist tools do exist to deal with security itself, but we are seeing pressure from various quarters to consider security as one element of the broader IT management discipline. Against this background, then, how should IT security be tooled up?

Perhaps the most obvious starting point is to revisit some of the solutions at the heart of good systems management, with respect to their specific security role. Amongst these are, for example, identity management, asset management and data classification technologies. Where do these capabilities fit from a security perspective, as organisations look to deploy new solutions and work in rapid response to volatile business conditions?

Let’s take identity management first, given that it has the most obvious direct connection to securing IT operations and services. Few organisations have implemented identity management policies and solutions that can span the entire IT infrastructure, so its role in security management will be inevitably limited as a result. Even fewer have policies or tools in place capable of working with identities of individuals outside of the organisation who may require access to corporate information.

Meanwhile, the potential benefits of using well maintained asset management tools to help secure the organisation have not been widely recognised in the security sphere. Yet a little thought illustrates how the asset / inventory / configuration information held in such repositories can be exploited to support the management of security as a whole.

Simply checking that operating systems and applications are running the latest patches has obvious security benefits, especially when you take into account that identifying un-patched machines without such tools is both time consuming and prone to manual errors. Knowing who is using which machine and whether the device is loaded with the software appropriate for the job could also help highlight areas of potential exposure.

This can be aided by ensuring that all software utilised in the business is properly licensed: not only knowing what you have, but also paying for the requisite levels of software assurance, patching and support all contribute to minimising risk. As illustrated by the research quoted earlier in this article, licensing also links to protecting the company’s brand values: no commercial organisation wants to be hauled up for theft.

The final example of using systems management tools to help ensure security management policies are enacted in the real world concerns data classification. We know that increasing amounts of sensitive corporate data are being held outside of central storage platforms, for example on laptops and mobile devices. Unless the organisation has some means, manual or automated, of establishing the sensitivity of data held on such machines, it is a difficult task to ensure that sensitive data is adequately secured and protected. However, with new disclosure legislation looking likely in various countries, together with increased penalties for data loss and data breaches, organisations are under increasing pressure to do so.

This is an area where the solutions available are still developing, particularly in terms of making it simpler to classify data types and set appropriate policies. In the future we may see solutions that take the pain out of data classification, but in the meantime and when starting out, organisations are tending to adopt more broad brush approaches to data protection. For example, rather than attempting to undertake sophisticated data classification projects they may decide on implementing encryption across all mobile devices.

So, there are systems management tools available which can help raise the level of security in IT services delivery, but this approach can only take things so far, as such tools were not designed specifically for the job. If the tools offer only the means and not the end, this raises the challenge of how to ensure that security management needs are comprehensively covered, particularly if the potential use case scenarios are not widely understood outside the domain of security specialists.

This latter point is especially important when considering security management in relation to the increasing burden of compliance. Regulatory and external compliance pressures require IT professionals to define systems and processes that will help the organisation meet its obligations.

Hence the problem for many IT staff, who are not usually legal eagles, becomes one of trying to define the requirements for management tools and policies that are actually going to work to any practical extent. Even getting to this stage needs input from those with knowledge of the compliance drivers, preferably translated into language that mere mortals can comprehend, such that management tools can be pointed at exactly what needs to be administered.

The way forward, one might naively assume, would be to get the experts together – for example bringing together specialist staff from a compliance monitoring department to work with systems management staff within the business, or employing external consultants who have done it before.

Equally there is a place for the IT vendors themselves, systems integrators and other partners to educate their own customers on how systems management solutions can address the challenges defined by the policy makers. There are also some independent forums of experts from within end-user organisations who are tussling with these challenges – the Jericho Forum is worthy of mention, for example. Right now however, nobody has a monopoly on all the answers.

As ever we are keen to hear how you are dealing with these issues. How do you actually govern the security of your IT services? Who is involved and who shouldn’t be? What tools do you find useful and to whom do you turn for advice? Please let us know how you are working to improve your security governance of IT services. ®
