No responsible IT manager willfully ignores IT security issues. Just about everyone in the organization is aware of the issue and potential threats. But managing IT security along with all the other assets that need to be managed is just too difficult. IT organizations need a simpler approach that melds IT systems and security management into one seamless activity. As IT gets more complex to manage thanks to largely to the rise of virtualization, the convergence of IT systems and security management become even more critical; especially as the number of threats to IT security grow in both number and complexity. In short, finding a simpler approach to managing IT systems and security has become a critical imperative because the only thing between IT and certain disaster is a thin line of IT expertise.  Layered  Security  Every IT security professional will tell you that IT organizations can’t rely on one single technology for defense. Sound best security practices require the use of multiple layers of security to make sure that should one layer of defense be breached. In the event of that breach, there should be multiple other layers of security technologies that will first detect that breach and then prevent that attack from compromising the organization’s IT systems.

The only thing between IT and the next major security breach is a thin line of IT expertise. Shoring up those defenses requires new approaches to systems and security management that rely heavily on IT automation to give organizations a fighting chance.

Strengthening the Thin IT Security Management Line

Security In Depth By Mike Vizard Tech Security Today

December 15, 2011

Layered Security

Creating multiple layers of security to detect and prevent a breach

Page 1

The Rise of IT Automation IT organizations need next-generation tools that automate management and security

Page 2

Reducing the Total Cost of IT The perceived value of the organization’s brand now is directly tied to the level of IT security it provides

Page 3

2

1

The most common example of a layered defense is the use of anti-virus software on endpoint devices coupled with firewalls deployed at the edge of the network. While most IT security professionals would recommend more layers of security, many small-to-medium (SMB) organizations face the challenge of not having the skills or resources available to manage anything more complicated. Worse yet, the IT environment is getting more difficult to manage with each passing day with the addition of more virtual machines running application workloads that all need to be secured. The sad fact is that most IT organizations can’t keep up with existing requirements for patching applications -- each new application workload that gets added to the environment simply exacerbates the problem even more.  The  Rise  of  IT  Automation  Alas, most IT organizations can’t afford to continue throwing people at the IT management problem. IT organizations need next-generation management tools that not only automate the management of IT systems and the applications that run on them, but also ensure those systems are secure. There is a direct correlation between the number of applications running without the latest patches and the number of vulnerabilities that exist within the IT environment. In a world where application vendors routinely divulge

Every IT security professional will tell you that IT organizations can’t rely on one single technology for defense.

2

vulnerabilities in their software, the only chance an IT organization has to make sure its IT environment is secure is to apply the patches that eliminate those vulnerabilities as quickly as possible. But that isn’t going to happen in a timely way if the IT organization is relying on manual processes. To address this issue, Dell has teamed up with Trend Micro and SonicWALL to create a framework for managing IT security that integrates anti-virus software and firewall technologies with Dell KACE security management appliances and the managed security services provided by Dell SecureWorks. Together these platforms and technologies are creating a layered approach to IT security that leverages the Dell KACE systems management platform to make IT security easier to manage in a way that can be extended to embrace a variety of complementary security technologies and IT platforms. Customers can opt to either manage those technologies together themselves or rely on the Dell SecureWorks managed services platform to manage them on their behalf.

3

Ut pharetra, diam

in consequat vulputate, leo turpis consequat dui, vel sodales risus odio non turpis.

1

By integrating security technologies with Dell KACE management platform, IT organizations can, for instance, automate the management of patch updates to not only application software but also the security solutions created by Trend Micro and SonicWALL. This creates a truly practical approach to unifying security and systems management, which unfortunately has proven to be an all too elusive goal for IT organizations of any size. No matter whether the IT organization opts to manage the environment itself or rely on managed services provided by the Dell, automating the management of the environment reduces the cost of managing IT security while dramatically improving the quality of the security being provided.  Reducing  the  Total  Cost  of   IT  Until now effectively implementing a layered security strategy has been beyond the means of most SMB organizations. Too often, IT security technologies have required the skills of dedicated IT security consultants that most SMB organizations can’t afford to employ. As a result,

2

approaches to IT security have yielded spotty results and a sense of dread over the inevitable security breach that will, at best, wind up wasting IT resources or, at worst, result in the theft of crucial intellectual property that can never be recovered. The only thing standing between the organization and that dire consequence is a thin line of overworked and understaffed IT organizations that need all the help they can get.

A layered approach to IT security management creates a defense in depth strategy that is easier to manage.

IT organizations need next-generation management tools

that not only automate the management of IT systems

and the applications that run on them, but also ensure

those systems are secure.

4

3

Cybercriminals and other digital miscreants have to be right only once to compromise an organization’s IT security, but the IT organization has to be right about security 8,760 hours a year. There is no chance of that happening without increased reliance on IT automation to not only discover vulnerabilities, but also deploy patches instantly. Dell and its partners have been striving to make IT easier to manage on all levels. But in the area of security the need to make the management of the overall IT environment simpler is particularly acute. The number of compliance regulations that require more stringent security controls is increasing, as are the fines and levies associated with not meeting those requirements. The sheer cost of simply notifying all the people and organizations that may be affected by a security breach alone can be astronomical. At the same time, the perceived value of the organization’s brand now is directly tied to the level of IT security it provides. One misstep and the organization can wind up losing millions of dollars in revenue almost overnight. The ultimate end goal should not only be to strengthen the security of your organization, but also reduce substantially the stress of the people tasked with protect your organization each and every day.

Dell KACE systems management appliances automatically identify potential vulnerabilities.

ABOUT TECH SECURITY TODAY

Tech Security Today is committed to providing insights and actionable recommendations to help small-to-medium businesses cost-effectively maintain security. To achieve that goal we have invited a number of notable bloggers and industry experts steeped in security knowledge to share their thoughts on best practices for setting security policies to prevent issues from occurring in the first place and then how best to remediate breaches once they occur. www.techsecuritytoday.com

ABOUT THE AUTHOR

Mike Vizard has more than 25 years of experience covering IT issues in a career that includes serving as Director of Strategic Content and Editorial Director for Ziff-Davis Enterprise, which publishes eWeek, Baseline and CIO Insight. Vizard has also served as the Editor-in-Chief of CRN and InfoWorld. In addition, he served as a senior editor with PC Week, ComputerWorld and Digital Review.