This article can also be found in the Premium Editorial Download "Information Security magazine: The power of SIMs for visibility and compliance."
Download it now to read this article plus other related content.
For more visibility into your security posture and smoother compliance, picture what a security information management system can do for you.
More information from SearchSecurity.com
Learn more about SIMs in our webcast with Lenny Zeltser.
Visit our resource center for SIM product reviews.
Feeling overwhelmed by all the security data your network generates? What infosecurity chief isn't? It's hard to get a good security posture assessment when you've got to pore through countless logs from disparate sources and then make sense of it all.
That's why security information management (SIM) systems -- also referred to as security event management (SEM) -- have become increasingly popular. In a nutshell, these systems automate the process of looking through logs. They normalize and store data, correlate it, help produce effective reports, issue alerts, and do forensics. Once you establish what's important and what you want to achieve, a security information management system can make it happen.
And in this age of regulation, organizations need this added visibility into network, systems and application activity. Compliance is one of the biggest drivers of the SIM market. "A lot of auditors are coming in and saying you need to be able to log and monitor this data over a long period of time," said Amrit Williams, an analyst at Gartner.
But SIMs aren't simple. "They require a lot of care and feeding," said Andrew Braunberg, analyst with Current Analysis. First, there's the process of defining your needs. Then, businesses must determine the type of technology that best suits their environment. The work doesn't end there. On top of initial costs of $250,000 to $500,000, companies spend $45,000 to $175,000 annually to support a SIM, Williams said.
But when SIM technology is running effectively, it can tighten security, satisfy auditors and executives, and prevent a lot of headaches. Turn the page to see some snapshots of SIMs in action.
This was first published in September 2006