improve roi on security & compliance management infosec israel 2010
Post on 16-May-2015
934 Views
Preview:
DESCRIPTION
TRANSCRIPT
© 2010 NetIQ Corporation. All rights reserved.
Improve ROI on Security and Compliance ManagementJune 7, 2010
© 2010 NetIQ Corporation. All rights reserved.
How Much It Cost To Be Secure?
2
First Level
Third Level
Second Level
*Calculated on 2080 Hours/Year
Resource Type Ownership %
Hourly Cases
Hourly Cost*
Help Desk & Service DeskLow Skill ResourcesHigh Turnaround
68% 4 22$
IT ProfessionalsPlatform SpecificIn-House Personnel
26% 1,5 44$
Security OfficersTechnology SpecificMostly External
6% 0,13 112$
Deeper it goes, longer is the Exposureand the associated Risk Cost
Standard IT Security Model
© 2010 NetIQ Corporation. All rights reserved.
High value resources consumed by simple tasks Different skills required for different platforms Training costs Adoptions of service management frameworks that incur
higher than expected costs Roles and responsibilities not formalized New technologies that introduce unexpected management
challenges Inability to track and evaluate response times The User is never part of the Solution Impossibility to calculate the per-piece/per-transaction
managing Security impact cost
And Why?
3
© 2010 NetIQ Corporation. All rights reserved.
Goal of IT ManagementBecome an Efficient Business Enabler
Operational Efficiency
Business E
nablement
Goal:Cost Effective withOptimized Service Delivery
Sub-Optimal:Cost-Centric and Tacticalwith Marginal Services
Current State:Expensive and Tactical with
Limited Perceived Value
Sub-Optimal:Aligned To Business Goals But
Expensive
Efficient Business Enabler A
Low Cost Provider C
Expensive Business EnablerB
Low Value ProviderD
© 2010 NetIQ Corporation. All rights reserved.
Management’s DilemmaOperational Efficiency vs. Business Enablement
Significant up-front Significant up-front investments and the need for investments and the need for profound changes profound changes jeopardize jeopardize or delay expected cost or delay expected cost reductionsreductions..
Off-shoring and outsourcing, Off-shoring and outsourcing, combined with little combined with little investment in processes, investment in processes, often often forsake agility and forsake agility and business enablementbusiness enablement..
“The Cost Cutter” “The Framework Adopter”
Operational Efficiency
Busin
ess E
na
blem
ent
Operational Efficiency
Busin
ess E
na
blem
ent
© 2010 NetIQ Corporation. All rights reserved.
A Different ApproachIT Process Automation Provides a Direct Route to Improve Efficiency
IT Process Automation IT Process Automation enables you to:enables you to:
1 Reduce Inefficiencies from Current Security Mgmt Tools
• Eliminate manual intervention caused by routine, highly mundane tasks
• Free administrators to focus on more critical problems to the business
2 Integrate Tools within IT Security and Operations 3
• Combine management data with contextual information to further streamline IT run books
• Allow IT managers to reallocate resources to deliver strategic business projects
Integrate the Business into IT Security Mgmt Processes
• Bridge security and business users by formalizing responsibilities within the context of IT processes
• Improve business alignment and reduce IT costs by involving the business in IT processes
Simultaneously improve both business enablement and operational efficiency
Demonstrate improvements in the short term and long term
Support both framework adoption and cost-cutting strategiesOperational Efficiency
Bu
sine
ss En
ab
lem
en
t
1
2
3
© 2010 NetIQ Corporation. All rights reserved.
The NetIQ Security Vision
7
Audit
Monitor
Control
Be efficient on risk vs. business value
Understand the security and risk posture
Satisfy compliance mandates
Distributed, multi-vendor environments
Business alignment and policy exceptions
Configuration drift Evolving best practices
and vulnerabilities
Reduce risks of privileged user access
Protect sensitive corporate data
Quickly resolve threats Satisfy compliance
mandates
Invisibility of privileged user activity
Large volume of user-generated events
Excessive privileged access rights
Lack of integration
Manage planned and unplanned changes to production systems
Harden business elements efficiently
Satisfy compliance mandates
Impractical or ineffective change auditing
Restricting permissions without impeding service delivery
Inability to relate changes to change authorizations
Monitor and Manage Monitor and Manage User ActivityUser Activity
Control and Audit Control and Audit ConfigurationConfiguration
Manage and Enforce Manage and Enforce Change ControlChange Control
Goals Challenges Our Approach
Ne
tIQ
So
luti
on
Ne
tIQ
So
luti
on
Ne
tIQ
So
luti
on
All of those through Automation
© 2010 NetIQ Corporation. All rights reserved.
Control and Audit Configuration
8
NetIQ DeliversReal-time event correlation reduces alert volumes while highlighting critical events, improving incident management while reducing costs.
TRACE™ technology delivers log management, protects the chain of custody, and provides trend analysis and forensics to meet evolving mandates.
Powerful auditing of user activity and access controls helps meet compliance mandates and address both inside and outside threats.
Effective detection at both the host and network level provides better protection of corporate data and demonstrable oversight of change controls.
What's NeededEvent Correlation and Analysis
Log Management and Forensics
Access Control and User Monitoring
Change and Threat Detection
Challenges What's Needed1. Security events and alerts often overwhelm
security staff, inhibiting effective security incident management.
Event Correlation and Analysis
2. Evolving mandates require more than simple log consolidation, to encompass integrity of data, chain of custody, and forensic reporting.
Log Management and Forensics
3. Effective protection of corporate data is dependent on user activity monitoring, which is often inhibited by native capabilities.
Access Control and User Monitoring
4. Intrusion detection and log monitoring are insufficient to meet the evolving mandates for data protection and change control.
Change and Threat Detection
Primary Goal:
Protect systems, applications and data in accordance with their business value and satisfy compliance mandates
© 2010 NetIQ Corporation. All rights reserved.
NetIQ DeliversA prevention-oriented, proxy-based administration solution delivers higher availability than that of system-wide backup and restoration.
Non-hierarchical, rules-based delegation simplifies safely granting privileges to users.
Automated tasks triggered by events streamline routine administrative tasks, saving time and improving service.
Automation and repeatability, along with Active Directory and Unix users optimization, assures business availability and satisfied end users.
Monitor and Manage User Activity
9
What's NeededPrevention and Recovery
Delegated Administration
Administrator Task Automation
Migration and Optimization
Primary Goal:
Maintain the infrastructure, applications, user accounts, and security per business requirements
Challenges What's Needed1. Administrative errors and malicious acts
threaten the integrity and reliability of systems and services.
Prevention and Recovery
2. Native tools make it impractical to enable non-administrators to make routine or low-risk changes.
Delegated Administration
3. Manual, routine tasks often consume valuable skilled resources.
Administrator Task Automation
4. Diversity, complexity and emerging technologies increase the time to deploy and operate systems management tools.
Migration and Optimization
© 2010 NetIQ Corporation. All rights reserved.10
Manage and Enforce Change Control
10
CalCom DeliversAutomated Process for Real Time Policies Enforcement within the different IT Layers, not stopping the normal operations
An extensible library with hundreds of Policy Process Protection Rules covering OSs, Applications, Users Behavior, Network Connections
Learning Mode to understand how and element should behave. Unparalleled capabilities in Monitoring, Auditing, Access and Change control
Built-in reports, Regulatory Compliance Reports, Policy Center © – Gap Analysis Report and Compliance Dashboard ©
What's NeededHardening Solutions that doesn’t harm or stop the Services Operations
Harden not only basic Objects but also ensure Applications proper utilization and regulate Policies Changes and Access
Easily provide Real Time Policies monitoring and implementation
Unparalleled reporting capabilities on regulatory compliance
Primary Goal:Real time enforcement of an organization policy throughout the different layers of the IT infrastructure. Without stopping the services operations
Challenges What's Needed1. Real time enforcement of an organization
policies on the IT Infrastructure layers, without harming the Services Operation
Hardening Solutions that doesn’t harm or stop the Services Operations
2. Protect and enforce the organization’s Policy Processes through verifying the User behavior
Harden not only basic Objects but also ensure Applications proper utilization and regulate Policies Changes and Access
3. Monitor, alert and prevent policies break, rolling back to any change of the hardened element following the Policies
Easily provide Real Time Policies monitoring and implementation
4. Be able to produce a wide range of regulatory reports, gap analysis, what if analysis and compliance dashboard
Unparalleled reporting capabilities on regulatory compliance
© 2010 NetIQ Corporation. All rights reserved.
All of Those Through Automation
11
Workflow Automation Engine
NetIQ Products
Message Bus, Resource Model, CMDB
3rd Party Best-of-Breed products
Run Books(Event Correlation, Fault Recovery, Routine
Server Restarts, etc. )
Processes (ITIL Incident Management, Change
Management, DR testing, etc.)
Correlation Engine
AM
SM
/CG
SC
M
DR
A
SC
OM
HP
OM
Rem
edy
Sm
arts
AdaptersBi-directional data collection and control
Activity LibrariesWorkflow building blocks that control other tools
Process TemplatesProvides built-in knowledge
Presentation LayerConsoles tailored to specific users
Independent EnginesAllow data processing scalability
Resource Mgmt DB Normalizes data from diverse tools
Ops ConsoleConfig Console Reports
…
…
© 2010 NetIQ Corporation. All rights reserved.
At The End This is What Really Counts
12
© 2010 NetIQ Corporation. All rights reserved.
Real World Example On Self Password Reset
13
© 2010 NetIQ Corporation. All rights reserved.
NetIQ Aegis
NetIQ Security Manager− CalCom Hardening Module− NetIQ Change Guardian for Databases− NetIQ Change Guardian for Active Directory− NetIQ Change Guardian for Group Policy− NetIQ Change Guardian for Windows
NetIQ Secure Configuration Manager
NetIQ Security Solutions for iSeries
NetIQ Identity Integration Suite
The Cast and The Crew
14
© 2010 NetIQ Corporation. All rights reserved.
• Organizations can realize benefits in the form of improved productivity for system administrators, as well as other IT professionals, through the automation of common IT processes.
• Higher ROIs are achievable with each additional process automated through Aegis. In general, an organization would expect greater returns as more workflows are implemented to reduce the amount of time required to perform a given process.
Total Economic ImpactROI and Payback Period for NetIQ IT Security Process Automation
FORRESTER®
Summary financial results
Original estimate Risk-adjusted
ROI 150% 141%
Payback period (yrs)
1.1 1.2
Total Benefits (PV) $1,232,563 $1,192,083
Total costs (PV) ($493,847) ($495,549)
Total (NPV) $738,716 $696,534
15
© 2010 NetIQ Corporation. All rights reserved.
Next Steps with NetIQ & CalCom
Your Need Action ItemsLearn More about IT Process Automation
Visit NetIQ.com and Calcomp.com Schedule an online demo Attend a NetIQ webinar
Validate Our Approach
Read Forrester SWOT and Total Economic Impact™ Study Read Gartner SIEM Magic Quadrant™ report Read Gartner IT Governance, Risk & Compliance MarketScope™
Build a Business Case for NetIQ
Read Forrester Total Economic Impact™ Study Complete ROI calculation with NetIQ and CalCom Complete an internal business case
Assess NetIQ for aTechnical Fit
Schedule a technical discussion with our engineers Implement a Proof Of Concept (POC) onsite Engage our consultancy services to perform an onsite assessment
Prepare for IT Process Automation
Optimize your existing deployment Work with NetIQ/CalCom consultancy to plan a roll-out Leverage introductory pricing to implement a production pilot
© 2010 NetIQ Corporation. All rights reserved.
NetIQ Sales IGIC
Via Varese 6/a – Paderno Dugnano
Milan, 20037 Italy
Tel: +39 02 99 06 02 01
Fax: +39 (0) 2 9904 4784
Info@NetIQ.com
NetIQ.comFollow NetIQ:
NetIQ, an Attachmate business.
© 2010 NetIQ Corporation. All rights reserved.
Marco BianchiSales Director Italy, Greece, Israel and Cyprus
World Wide New Offerings Director+39 348 2214412Marco.Bianchi@NetIQ.com - www.netiq.comJLudmir@CalComp.co.il - www.calcomp.co.il
top related