Tag: Log Management

4 Best Practices for Today’s Log Management

Log management has long been considered a staple of most organization’s security platforms. It is the foundation for threat detection, data analytics and compliance audits. It provides the definitive record of what has occurred in your company’s digital universe. However… There are a few process hurdles that apply to most log management deployments. The data is static unless it is correlated, analyzed and remediated in real or near real time. And for most companies, it collects lots and lots of data. So much so, that

Evening the Odds

This is not a rant to prove how dangerous the IT business landscape has become. We all know the bad guys are getting bolder and smarter, the stakes are higher and the line between security and sacrifice are nearly transparent. Every IT and security professional are well aware of the risks and work hard at preventing breaches, leaks, intrusions and hacks. But, for a variety of reasons (from budget to headcount to lack of C-level support to tool limitations) it seems that the odds are

Analyzing the Top 10 benefits of Unified Security from the cloud (Part 2)

If you missed Part 1: read it HERE More than security from the cloud, the concept of unified security takes the method another step forward in terms of best practices—the ability to deploy a holistic security initiative, AND  one that seamlessly collaborates with the other components; that shares input across the enterprise so that a clearer understanding of vulnerabilities can lead to effective preventive policies and actions. They say the whole is greater than the sum of its parts. And that is the core of

Analyzing the Top 10 benefits of Unified Security from the cloud (Part 1)

Of all the strategies and tactics available to prevent breaches, deter data leakage and theft, control access and secure beyond the so-called network perimeter, the one that is emerging as an achievable and affordable best practice is that of unified security from the cloud. But if you look across the web, you will no doubt come across various versions of what constitutes “unified,” what is “protected,” and, what is “security from the cloud?” Luckily this means that the concept of unified security from the cloud

Beyond building houses, homebuilders faced with IT security challenges too

Just as home builders across the country install state of the art security and anti-theft devices in many of the beautiful new homes they build, this consideration must extend to the personal and financial information of its homeowner customers stored on its or its subsidiaries servers. Because pre-loan and mortgage applications loan digs deeper into a person’s financial life than any other commercial form, it holds a treasure trove of information for hackers. Top 10 builder D.R. Horton found this out first hand last year.

What retailer BCBGMAXAZRIA learned about cloud security, SIEM

The following is an excerpt of the recently released case study on how a major retailer, BCBG, migrated to a cloud security platform and discovered how SIEM and Log Management capabilities enhanced their abilities for enterprise security. For the entire case study, you may download a PDF version here. There was a time the only security issues retailers needed to be concerned with was theft. Put a guard in the store and a couple of video cameras and prevent as much loss as possible. Those

Continuous monitoring is enough for compliance, but ISN’T enough for securing data

Every 4,000 miles or so I bring my car into have the oil changed, the brakes checked and tires rotated. Why? Because I know if I leave it to chance, at some point down the road something much more devastating will affect the car. Many of us follow this simple preventive best practice. Then why is it major corporations and modest enterprises alike wait until their security is breached to address growing concerns of data theft, private information leakage or worse? Many of these companies

Mapping Compliance Requirements to an Integrated Cloud Security Platform

Much has been written about compliance. Best practices. New regulations. Technology cure-alls. Nevertheless, regulatory compliance remains a critical and strategic business need for most companies. If you process payments online; if you store sensitive customer data; if you transit financial or health information; you are bound by the mandates of an alphabet soup of state, federal and industrial regulatory agencies. Compliance is a reality of everyday business life, but often times becomes a burdensome cost center. Over the past several months I have had the

The Secret Sauce of User Provisioning

If you want the secret to user provisioning and de-provisioning in an enterprise setting, I’ll give you the one word answer, and then you can get on with the rest of your day… Integration. However, if you need to know why, how and with what…read on. The need to credential authorized users to your network and other proprietary assets is clear. You only want those with the proper rights in…and all others out. Complicating matters is that there are so many users these days…employees, channel

A de-provisioning proverb: When a door closes, just make sure you don’t leave a window open

Earlier this week I attended a local cloud developers group, and I met a gentleman who consults with companies to engage in deep dive forensic examinations of their networks. He looks for the virtual fingerprints of misdeeds, fraud, and misdoings that can be used for e-discovery in legal cases. He essentially gets down to the bits and bytes of how much information flows to certain IP addresses to ascertain whether or not proprietary data has been tampered or stolen. He confirmed something that I long