IT complexity and change auditing
Robert Bobel is the Director of Product Management at NetWrix. In this interview he talks about change auditing trends, enterprise security issues, increasing IT complexity and the NetWrix Change Reporter Suite.
What change auditing trends can we expect to shape this year?
In 2013 organizations will have bigger budgets to be spent on Security in an attempt to bring the required detailed attention to fight Cyber Attacks. This is in direct response to the increasingly sophisticated exploits being uncovered and the breadth and scope of APTs (Advanced Persistent Threats) become well understood.
Answering the “Who has access to What?” question will become fundamental as organizations cope with huge volumes of unstructured data and the legacy security protecting it.
Also, the policy based security will finally come to the masses as technologies like Microsoft’s Dynamic Access become available in the Windows operating system.
Furthermore, big data technologies will transform the IT security and auditing world beginning in 2013. As technologies and technique used to cope with big data go mainstream, the massive amount of existing security and audit data found on almost every corporate networks will become more transparent. Applying big data techniques will allow software companies to get better at finding critical elements and piecing them together to form a clear picture of the complex activities performed by employees, IT administrators and outsiders who want their data. Our own AuditArchiveÃ¢â€ž? solution incorporates Big Data methods to allow customers to store and then analyze extremely large amounts of audit data; sometimes 6 to 7 years of data from mission critical systems.
Based on your discussions with clients, what information security issues are most common in the enterprise?
From my experience customers are looking for products that provide Security & Data Access Governance, as they realize that traditional SIEM (Security information & event log management) tools are often ineffective because they were designed a long time ago. Customers want the ability to understand the security settings for critical IT systems and then watch how that is changed over time.
We’ve witnessed several high profile data breaches in 2012 that highlighted the problem of insecure IT infrastructures. What advice would you give to companies that have to tackle with a large workforce and increasing IT complexity?
To give you an example, I was looking at buying a car recently and I was keen on a specific model that seemed to serve my needs. When I test drove the car I realized it had a huge blind spot that could have hidden an elephant. When I asked the sales guy how many other people noticed that blind spot he said I was only the second person to mention it. We here at NetWrix see many organizations that look to replace an overly complex event monitoring tool that had blind spots that were hidden in the tools complexity. My advice is to always look for solutions that are simple to maintain and operate, but have an enterprise architecture that will scale as their organization grows.
What are the main features of the NetWrix Change Reporter Suite? What are the suite’s strengths in the marketplace?
Even as the global economy recovers, customers still demand more for their money when it comes to buying software. This puts NetWrix in an excellent competitive position because we drive our business by building a Unified Auditing platform that automates and simplifies the auditing of critical IT systems across the entire IT infrastructure filling major gaps found in native tools while being reasonably priced.
NetWrix stance is making unified auditing simple, efficient and affordable – NetWrix Change Reporter Suite can be downloaded with just a few clicks and once installed is highly intuitive. We have spent a lot of time on designing a user-friendly interface that would give IT managers the ability to see what’s going on within their IT infrastructures at any one time without dealing with cryptic audit logs from servers and network equipment.
Unlike traditional auditing solutions NetWrix Change Reporter Suite consolidates the audit data from multiple independent sources – event logs, configuration snapshots, change history reports, and various other sources ensuring that auditing reports generated by the solution contain only the most accurate and valid information. What is also important is that NetWrix Change Reporter Suite has an inherently low impact on IT environments as it does not require agents that could be both intrusive and dangerous causing the BSOD and similar problems.
NetWrix has had some outstanding results in recent years. How was the year 2012 for NetWrix? What are the nearest and biggest plans for the company?
From a products perspective, we had a great year. We had major releases of our Change and Configuration Auditing Platform that brought both new features and support for the latest platforms such as Windows Server 2012 and Exchange 2013. NetWrix had 9 new product releases and announcements and received 20 new biggest industry awards including Windows IT Pro, Redmond among others.
From a business perspective, NetWrix again had tremendous year-over-year growth with a 65% revenue growth globally in 2012 vs. 2011. During the same period, NetWrix sales grew over 70% in the US alone. We expect this trend to continue for the forseeable future. To ensure we correctly manage this growth we aligned both our products and our management team to better meet our customer’s needs. It is a very exciting time to be working at NetWrix.
NetWrix will continue to focus on unifying configuration and data auditing, identified by Forrester as the #1 security technology for the next five years.