editor's choice
Forrester Report: Server Virtualization Demands Updating Management and Security Processes
You will need to revise security policies and day-to-day procedures to deal with issues such as handling virtual disks, patching offline systems, controlling access to new management tools, and enforcing configuration practices. Read the white paper »
-
The Lowdown
What's Good for Security is Good for Operations
Discover why configuration auditing is key to operational stability, and that gaining visibility into all change to IT systems is the first step toward employing best practices across the organization. Get the whitepaper »
-
Gene Kim's Practical Steps to Mitigate Virtualization Security Risks
Tripwire founder/CTO Gene Kim provides seven practical steps that IT organizations can take to mitigate the unique security challenges of virtualization. While some are directed specifically at virtualized environments, many of these steps are solid best practices that apply to both physical and virtualized environments. Get the whitepaper »
-
IT Service Management: Metrics That Matter
Learn how your IT organization measures up against the best performing IT organizations and what you can do to improve efficiency, sustain compliance and security, increase system availability, and reduce the frequency of outages. Get the whitepaper »
Whitepapers
-
Secure Virtualization: Achieve and Maintain IT Security in Virtual Environments
Find out how to maintain the same level of stability and security across both virtual and physical environments, using the same software and approach. Read the case study »
-
Configuration Audit and Control in a Layered Security Strategy
Find out about the elements to consider when implementing a comprehensive security strategy and why no security strategy is complete without configuration audit and control. Read the whitepaper »
-
Proactively Reduce Risk and Improve IT Security in Physical and Virtual Environments
Learn more about the security risks and vulnerabilities faced by organizations, and the elements of a proactive security approach. Then find out how Tripwire helps organizations attain and maintain a good security posture using industry-leading configuration assessment and change auditing to harden systems against security breaches, automate compliance with security standards and policies, identify configuration changes, and resolve vulnerabilities. Read the whitepaper »
-
Challenges and Opportunities of PCI
Controls-particularly those around change and configuration issues-are critical to meeting the PCI DSS (Payment Card Industry Data Security Standard) mandates. As it happens, they also are critical to delivering the sustained and continuous improvement to stabilize the IT environment and avert risk that define top-performing companies. Find out why change auditing carries so much weight. Read the whitepaper »
-
Configuration Audit and Control: 10 Critical Factors to CCM Success
Enterprise Management Associates (EMA) points out that in today's complex IT infrastructures, businesses need a single, independent source for enforcing and reporting on a change policy across the organization. Learn the 10 key elements that are important to Configuration Audit and Control solutions so that you can improve your systems management productivity, reduce costs and sustain configuration visibility. Read the whitepaper »
-
Optimizing Infrastructure Control
An investment in configuration assessment and change auditing solutions can stabilize IT operations, lowering the operational costs associated with the IT infrastructure; and provide a solid foundation that increases the effectiveness of the investment in information security. Discover why IDC Research says TripWire can claim complete configuration control as its own domain. Read the whitepaper »
About the Sponsor | Tripwire
Tripwire Configuration Audit &Control solutions help you achieve and maintain the Integrity of IT Configurations. Tripwire Enterprise is the first solution to combine configuration assessment with configuration auditing, so you can proactively reduce enterprise risk and ensure efficient, compliant and secure IT operations. http://www.tripwire.com/
Ask the Expert
Q.
The IT infrastructure is constantly changing, and that can lead to a drift away from desired states that threaten the ability to deliver business services. How can IT managers and administrators deal with this problem?
A.
Complexity of IT components, new technologies such as virtualization, problems with IT system reliability, and an overwhelmed IT staff all may contribute to difficulties in maintaining the integrity of IT foundations. That can result in problems including poorer performance, weakened security, and compliance gaffes that impact business service delivery.
Businesses have to make ensuring IT infrastructure integrity a priority in order to optimize efficiency, increase confidence and trust in the IT infrastructure, improve security, and maintain proper regulatory compliance. IT research firm IDC has recommended that they do this through deploying change auditing technology. This requires establishing a baseline of a desired state for any object (such as file systems or system registries) and piece of infrastructure (from servers to firewalls); making comparisons between the current state and the baseline state; flagging deviations; and alerting appropriate parties so that rapid correction and recovery can occur. Couple change auditing with configuration assessment to gain further specific business benefits including: saving time and money by detecting undesired changes to software configurations or operational activities that would normally be undetectable, so that they are proactively discovered and corrected; improving IT staff efficiency and processes with policies for regularly running checks on systems, such as server configurations; and supporting the CIO's fiduciary responsibility with a change auditing policy that ensures he or she can effectively control and monitor information assets.
Related News
-
Time to Get Serious About HIPAA
— Feb 28, 2009 | InformationWeekIf your company qualifies as a covered entity under HIPAA, now is a good time to review your compliance efforts and fill in any gaps -- before the feds come calling.
-
Fear Slows Cloud Computing Adoption
— Feb 26, 2009 | InformationWeekWhile many business and technology managers see potential value in the cloud, fears over security and control are holding them back.
-
Risk Management Evolves for Risky Times
— Feb 18, 2009 | Wall Street & TechnologyAs the new presidential administration and regulators continue to try to pick up the pieces of the shattered U.S. economy, the heat is on financial institutions to make sure their risk management practices are fully aligned with rapidly changing economic and market conditions.
-
C-Level Executives Weigh in on Information Security
— Feb 14, 2009 | InformationWeekThe InformationWeek Analytics survey of 326 business technology professionals suggests that C-level executives not only recognize the importance of information security, but they actively support their IT organizations' efforts to protect corporate assets and reduce risk. Among the high reason for executive support: the rise of high-volume theft of credit card information, Social Security numbers, and other personal data; the fact that these thefts have triggered a number of state breach-disclosure laws; and companies also face industry data-protection standards such as the Payment Card Industry Data Security Standard.
-
SMBs Face Looming PCI Security Deadlines
— Feb 3, 2009 | ChannelWebOn top of increasing business expenses and shrinking lines of credit in a weak economy, many small businesses will face one additional pressure in 2009: looming compliance deadlines for Payment Card Industry Data Security Standard requirements.