Ezine

This article can also be found in the Premium Editorial Download "Information Security magazine: Special manager's guide: Monitoring identities."

Download it now to read this article plus other related content.

Considerations
Before considering VM outsourcing, it's important to understand VM. When discussed in an IT context, it's not meant to encompass the whole spectrum of potential enterprise vulnerabilities. Whole-enterprise vulnerability management would need to include the vulnerability associated with having a criminally minded CEO, or the vulnerability of investing time and money in an ill-conceived product.

When IT professionals discuss VM, we are most often talking about how to identify and remediate threats in the resource layer. This means looking for vulnerabilities in the operating system, applications, databases and other IT resources, and then closing the risk window via some form of remediation, like applying a patch or making a configuration change.

Be aware, though, that taking the wrong action could introduce a greater vulnerability to the enterprise. For example, if a database vendor releases a patch designed to fix an obscure and difficult-to-exploit vulnerability, and the patch is problematic, it can bring down your enterprise servers. Automatic responses outside the normal trouble ticketing, workflow and change management accountability chain can introduce unacceptable levels of risk. Risk reduction controls, such as testing the patch prior to applying it to the production server, can keep risk in check, as can keeping the response and remediation process inline with corporate workflows and approval processes.

    Requires Free Membership to View

To close the loop, most companies implement ongoing verification and monitoring of their VM system, and accomplish this, in part, by sharing the data collected and managed via the VM systems with external tools. In addition to integration with workflow and change management solutions, VM tools can share critical event information with network systems management (NSM) tools, security event and information management (SEIM) tools, compliance dashboard tools, and other correlative and analytic portals.

This was first published in August 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: