Security Management Strategies for the CIOAccess "Joining security information management systems with identity management systems boosts security"
This article is part of the March 2010 issue of Winning strategies for integrating security information management and identity access management
Traditionally within companies the IT security organization has mitigated risk through its set of policies, procedures and technologies, while user access and authorization has been controlled through the use of identity management processes and technologies managed by the IT organization. By bringing these two functions together, organizations increase their effectiveness to a level that is greater than the sum of the parts. IT security departments have begun deploying security information and event management systems (SIM) within their organizations to monitor and report on information asset vulnerabilities. SIMs focus on remediating risk through scanners placed throughout the organization to gather information on information policy violations and then reporting on overall vulnerability to defined risks using management scorecards. While becoming more and more effective, these technologies act only as an early-warning radar system by recognizing when a large policy violation activity has occurred--which is then followed by a triage process to verify and ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
HITECH Act increases HIPAA security requirements
HIPAA security compliance has been a mixed bag but HITECH ups the ante
-
Creating meaningful information security metrics
by Andrew Jaquith, Forrester Research, Inc.
Learn how to develop an effective information security metrics program and pitfalls to avoid.
-
HITECH Act increases HIPAA security requirements
-
-
Joining security information management systems with identity management systems boosts security
by Randall Gamby, Contributor
Integrating security information management systems with identity management systems ties policy violations and vulnerabilities to user activity
-
Knowledge-based authentication poses privacy issues
Knowledge-based authentication helps catch fraud, but the authentication technology poses customer privacy issues.
-
Joining security information management systems with identity management systems boosts security
by Randall Gamby, Contributor
-
Columns
-
Is HITECH Act a game changer?
The HITECH Act increases penalties for a lack of HIPAA security compliance but will it really improve health care security?
-
Develop an effective information security career plan
by Lee Kushner and Mike Murray
A successful career in information security requires an effective information security career plan
-
Relying on basic network intrusion detection systems isn't enough
Organizations must enhance network intrusion detection systems with supporting processes to uncover genuine threats
-
Is HITECH Act a game changer?
More Premium Content Accessible For Free
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...
Emerging threat detection techniques and products
E-Handbook
Advanced persistent threat (APT) has been a used and abused term in the security industry, but security experts say targeted attacks are a growing ...
The rapid evolution of MDM solutions
E-Zine
Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the ...