Understanding Security and Compliance is as easy as ABC: Access, Breaches and Changes. At a distance security and compliance share many similarities. As you get into the details, what you’ll find is that their implementation differs though the steps to achieve end result (Secure and Compliant) may achieve both.
(A) Access control to the network resources is the most important role for IT. Granting, denying, monitoring all involved some form of privileged and systemic action to meet the needs of your end users. You will want to see who has access to what in snapshot reports of your environment including what access did users have previously as compared to the current state. For example, who has access to this folder now and who had access to it 6 months ago.
(B) Breaches are your virtual border crossings of information and access. For security and compliance, you need to report when users do something in case it is incorrect or damaging. Because of network complexity and existing rights that may not suit the users roles, you need to monitor who breaches data and resources using their granted permissions and rights. Just because a user has a right or permission does not mean they should be exercising it. You need detailed access reports on all uses of permissions both failed and successful throughout the environment.
(C) Changes are your worst enemy when it comes to meeting security and compliance objectives. You need change auditing to uncover the details of each change including who changed what permission and when on files, Active Directory OUs, SharePoint sites, SQL databases and so on. Knowing who changed what security groups and when, and even who changed the security policy to retain logs from 30 days to 2 helps sustain compliance and improve security. Do this change auditing task on a regular basis and you are simultaneously improving both security and demonstrating compliance.
Access, breaches and changes are your three ABCs to meeting your security and compliance goals. This is an ongoing activity of producing snapshot reports, access reports and change auditing must be performed daily if not very frequently in order to be successful at these two objectives. NetWrix provides the Change Reporter Suite for your compliance and security ABCs simply and easily. Using AuditAssurance and AuditIntelligence technologies, data is complete and accurate extracted from multiple sources, stored as single records and reported daily (or more frequently) to show your access, breaches and changes throughout the network.
Are you already following the ABCs of Security and Compliance or do you have your own simple approach to conceptualizing meeting your security and compliance goals?
Author: Chris Rich, Senior Director of Product Management at NetWrix.