Complete awareness of agency network activity is not just critical to maintaining compliance with important government mandates, it’s also a key security component in today’s complex IT environment. Responses to a to a recent Dell Software survey of senior federal IT professionals, however, indicated that half of the respondents are reactive to network vulnerabilities and, as a result, struggle to maintain compliance with mandated IT policies and standards.
The survey findings underscore that compliance remains both a constant imperative and challenge for government agencies. In fact, 72 percent of respondents reported that their agency must comply with at least three federal mandates. Lack of compliance with important regulations like the Health Insurance Portability and Accountability Act (HIPAA) or the Federal Information Security Management Act (FISMA) can result in serious consequences that include actual security gaps in an agency’s network.
Proactive reporting capabilities are key both to complying with regulations, and mitigating damage from security breaches. If agencies cannot quickly identify the source of a security incident, a lengthy time-to-resolution can amplify data loss and damages. Real time detection and reporting capabilities position agencies to better identify the source of a breach, and proactively alert IT managers when abnormal network activity occurs so they can take immediate action.
Key research findings include:
– 81 percent of respondents cited the importance of having audit-ready, real-time reporting capabilities. These capabilities not only ease the compliance process, but also keep agency networks more secure.
– One-third of respondents felt they were losing the ability to accomplish their missions due to unwieldy maintenance and management of IT systems.
– 87 percent of respondents emphasized the need for real-time alerts in Government Risk and Compliance (GRC) software to help identify and immediately resolve IT issues.
To address these pain points, government agencies need to be able to answer the question, “How long since your last internal audit” with a confident, “Five minutes ago.” Continuous, automated monitoring of IT systems improves security and helps prevent data loss by providing a view into abnormal activity on the network. From a security standpoint, centrally controlled and managed compliance requirements provide a sound footing on which to attain (and maintain) control over the entire organization. Solutions that tell IT the stance right now, and capture changes in real-time, are the cornerstone to achieving confidence that the organization will pass the audit – and that it’s secure. Even properly controlled changes can have unintended results, and the IT team needs the ability to recover quickly and restore functionality so impact is minimized. Dell Governance, Risk and Compliance (GRC) solutions can provide all of this and more to help meet the challenges of running an enterprise in today’s increasingly complex and difficult world.
– To view the complete white paper on the research results here.
– For more information on IT governance, risk and compliance, please read the Dell Software data sheet.
Supporting Quotes:
“Security threats are evolving so quickly, and the consequences of failing to comply with regulations like FISMA are so severe, that real-time auditing and reporting on user activity is an essential line of defense for government agencies. As cyber threats continue to accelerate, agencies are reaching a tipping point where no-fail compliance and preventive hygiene should be a part of the fabric of daily operations. Real-time detection of vulnerabilities is critical to accomplishing a state of greater vulnerability awareness, and, ultimately, enhanced security resilience.”
Paul Christman, vice president, public sector sales and marketing, Dell Software
“At Dell Software, we listen to our customers, and, as a result, have developed a GRC methodology that provides real-world solutions to the difficult issues that arise with security and compliance. Our customers can proactively ensure visibility into their environment, simplify audits and reduce the risk of data breaches, failed audits and system downtime — so understanding and resolution are fast and efficient, all with a rapid ROI. We also offer unique capabilities that can prevent damaging or dangerous changes, enabling IT to potentially avoid incidents that would otherwise leave the organization insecure or scrambling to recover.”
Tim Sedlak, senior product manager, Dell Software
About Dell
Dell Inc. listens to customers and delivers innovative technology and services that give them the power to do more. For more information, visit www.dell.com.
Dell Software empowers companies of all sizes to experience Dell’s “Power to Do More” by delivering scalable yet simple-to-use solutions that can increase productivity, responsiveness and efficiency. Dell Software is uniquely positioned to address today’s most pressing business and IT challenges with holistic, connected software offerings across five core solution areas, encompassing data center and cloud management, information management, mobile workforce management, security and data protection. This software, when combined with Dell hardware and services, helps customers simplify IT, mitigate risk and accelerate business results.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.