Symantec Security Compliance Solution Symantec s automated approach to IT security compliance helps organizations minimize threats, improve security,



Similar documents
Managed Security Services D e l i vering real-time protection to help organizations st r e n g t h e n their security posture in the face of today s

Symantec Control Compliance Suite. Overview

8 Key Requirements of an IT Governance, Risk and Compliance Solution

Payment Card Industry Data Security Standard

SYMANTEC MANAGED SECURITY SERVICES. Superior information security delivered with exceptional value.

Symantec Residency and Managed Services

Leveraging a Maturity Model to Achieve Proactive Compliance

An Oracle White Paper January Access Certification: Addressing & Building on a Critical Security Control

The Impact of HIPAA and HITECH

Symantec Enterprise Vault for Lotus Domino

North American Electric Reliability Corporation (NERC) Cyber Security Standard

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief

IBM Internet Security Systems October FISMA Compliance A Holistic Approach to FISMA and Information Security

Achieving Control: The Four Critical Success Factors of Change Management. Technology Concepts & Business Considerations

Preemptive security solutions for healthcare

Consulting Services for Veritas Storage Foundation

The Modern Service Desk: How Advanced Integration, Process Automation, and ITIL Support Enable ITSM Solutions That Deliver Business Confidence

Maintaining PCI-DSS compliance. Daniele Bertolotti Antonio Ricci

Symantec Control Compliance Suite Standards Manager

Symantec ServiceDesk 7.1

RSA Solution Brief. The RSA Solution for Cloud Security and Compliance

The RSA Solution for. infrastructure security and compliance. A GRC foundation for VMware. Solution Brief

How To Buy Nitro Security

Data Sheet: Server Management Altiris Server Management Suite 7.0 Essential server management: Discover, provision, manage, and monitor

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

IBM Tivoli Netcool Configuration Manager

Endpoint Virtualization for Healthcare Providers

Protect Your Universe with ArcSight

SecureVue Product Brochure

NetIQ FISMA Compliance & Risk Management Solutions

IMPROVING RISK VISIBILITY AND SECURITY POSTURE WITH IDENTITY INTELLIGENCE

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

EMC CONSULTING SECURITY STANDARDS AND COMPLIANCE SERVICES

Data Sheet: Archiving Altiris Server Management Suite 7.0 from Symantec Essential server management: Discover, provision, manage, and monitor

Total Protection for Compliance: Unified IT Policy Auditing

Welcome to Modulo Risk Manager Next Generation. Solutions for GRC

Governance, Risk, and Compliance (GRC) White Paper

Cyber Governance Preparing for the Inevitable Perimeter Breach

Selecting a Managed Security Services Provider: The 10 most important criteria to consider

Security management solutions White paper. IBM Tivoli and Consul: Facilitating security audit and compliance for heterogeneous environments.

RSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief

The Value of Vulnerability Management*

Certified Identity and Access Manager (CIAM) Overview & Curriculum

CDOs Should Use IT Governance and Risk Compliance Management to Advance Compliance

IBM Security QRadar Risk Manager

whitepaper Ten Essential Steps for Achieving Continuous Compliance: A Complete Strategy for Compliance

Security Information Lifecycle

DATASHEET CONTROL COMPLIANCE SUITE VENDOR RISK MANAGER 11.1

The Age of Audit: The Crucial Role of the 4 th A of Identity and Access Management in Provisioning and Compliance

Data Sheet: Archiving Symantec Enterprise Vault for Microsoft Exchange Store, Manage, and Discover Critical Business Information

Addressing IT governance, risk and compliance (GRC) to meet regulatory requirements and reduce operational risk in financial services organizations

Defending the Database Techniques and best practices

Two-Factor Authentication

Leveraging Network and Vulnerability metrics Using RedSeal

Self-Service SOX Auditing With S3 Control

Feature. Log Management: A Pragmatic Approach to PCI DSS

Symantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team

QRadar SIEM 6.3 Datasheet

Strengthen security with intelligent identity and access management

Data Sheet: Archiving Symantec Enterprise Vault Store, Manage, and Discover Critical Business Information

Implement a unified approach to service quality management.

Dynamic Service Desk. Unified IT Management. Solution Overview

PROACTIVE ASSET MANAGEMENT

Small and Midsize Business Protection Guide

Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services.

IT Security & Compliance. On Time. On Budget. On Demand.

whitepaper The Benefits of Integrating File Integrity Monitoring with SIEM

IBM Internet Security Systems. The IBM Internet Security Systems approach for Health Insurance Portability and Accountability Act compliance overview

Symantec Enterprise Vault

FIVE PRACTICAL STEPS

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA

Optimizing the Data Center for Today s State & Local Government

Demonstrating the ROI for SIEM: Tales from the Trenches

Optimizing the Data Center for Today s Federal Government

Provide access control with innovative solutions from IBM.

Compliance Management, made easy

IBM Security QRadar Risk Manager

Simply Sophisticated. Information Security and Compliance

An Oracle White Paper November Financial Crime and Compliance Management: Convergence of Compliance Risk and Financial Crime

Boosting enterprise security with integrated log management

Altiris Asset Management Suite 7.1 from Symantec

Enforcive / Enterprise Security

Top 5 Reasons to Choose User-Friendly Strong Authentication

A Smarter Way to Manage Identity

How To Ensure Financial Compliance

Security management solutions White paper. Extend business reach with a robust security infrastructure.

Minimize Access Risk and Prevent Fraud With SAP Access Control

Closing the Vulnerability Gap of Third- Party Patching

IBM Software Top tips for securing big data environments

Transcription:

Symantec Security Compliance Solution Symantec s automated approach to IT security compliance helps organizations minimize threats, improve security, streamline compliance reporting, and reduce the overall cost of managing IT security controls.

Today s IT environments face growing security threats, increasing complexity, and often-confusing regulatory mandates. In response, many organizations are adopting proactive strategies for security and compliance management strategies that depend on automated technologies to reduce errors, improve security, and simplify auditing and reporting. Symantec s industry-leading Security Compliance solution offers state-of-the-art automation to help organizations better secure their systems and maintain configurations, reduce operational security management costs, and more efficiently meet compliance requirements.

Security Compliance Is Complex and Costly The security operations landscape is rapidly evolving. As more people have greater access to network resources, the risk both internal and external of information theft or loss due to breaches is increasing. The number of regulations and governance mandates is growing continuously as well, with more compliance requests originating from more diverse audiences every day. And because operations teams often rely on redundant, manual activities to implement and test IT controls, the potential for error is constantly on the rise. In this environment, the resources required to manage IT controls are steadily increasing. Meanwhile, management pressure to reduce operating costs continues to mount. To meet these challenges, companies need an integrated, holistic approach to IT controls management. IT security compliance 4

A better approach to IT security compliance Many organizations are plagued by a lack of effective IT controls. A proactive approach to IT security compliance is required to enable them to: Detect IT control deficiencies such as weak passwords, orphan accounts, and inappropriate access Assess IT risk and security threats Identify and incorporate best practices for remediating vulnerabilities more efficiently Reduce the time and effort expended to produce IT audits and compliance reports for a variety of constituencies To achieve these critical objectives, organizations need solutions that help them: Leverage a top-down, enterprise-level view into configuration settings and access rights Centralize controls assessment and auditing, as well as security log monitoring and management Minimize unnecessary access to information Automate IT compliance reporting processes 5

Symantec s Security Compliance Lifecycle Symantec understands that compliance means more than just meeting regulations mandated by government or industry. It s also about supporting business objectives and managing IT risk. To achieve compliance, there must be a tight alignment between IT risk and compliance activities so that operations teams can effectively secure the infrastructure in support of company policy while fulfilling internal and external compliance demands. Symantec has developed an automated solution to compliance that can help organizations realize such an alignment. We can help your operations team harness rising security and compliance management costs, better meet reporting requests, identify high-risk systems, and more effectively secure systems and configurations via a four-pronged approach. Define: First, Symantec helps companies understand their governance requirements, assess risk, and identify IT assets that may be affected by various standards, regulations, and security threats. We then help them automatically define the IT controls environment and translate regulatory mandates into automated policies and controls. Assess: Next, Symantec s solution assesses the security compliance of IT controls by automatically testing and monitoring them. Report: Symantec s holistic solution provides detailed compliance and risk reports. Reporting is customized based on an organization s requirements, such as by industry standards, regulations, platform, business units, or geography. Remediate: Finally, the Symantec approach helps IT remediate control deficiencies and respond quickly to security events. 6

Automating the management and monitoring of IT controls infrastructure and events can reduce operational costs by as much as 40 percent, minimize vulnerabilities and threats, and help satisfy compliance requirements. IT Policy Compliance Group Automate, secure, and comply Automate: Moving compliance management from manual process controls to automated systems controls is less complex to the process owner and auditor, costs less because labor costs can be sharply reduced if controls are standardized and rationalized across the enterprise, and has side benefits of process improvement. Gartner Secure: Vulnerabilities must be viewed as part of an overall security management infrastructure that takes into account security policy, compliance, and risk management. IDC Comply: A comprehensive IT compliance program must structurally address the ability to maintain an authoritative control framework, identify and resolve control deficiencies, measure and report control effectiveness, and provide advisory services for IT controls. Forrester Research 7

An Industry-leading Compliance Platform The foundation of the Symantec Security Compliance solution is Symantec Control Compliance Suite, an integrated offering that enables organizations to implement a costeffective, holistic approach to compliance automation. Control Compliance Suite offers multiple modules and agents for the full range of security and compliance issues faced by today s enterprises. It allows organizations to: Automate IT controls assessments, enabling consistent implementation, enforcement, and reporting to achieve secure configuration compliance Leverage best-practices guidance based on regulations, benchmarks, and standards from the Center for Internet Security (CIS), National Security Agency (NSA), National Institute of Standards and Technology (NIST), International Organization for Standardization (ISO), Control Objectives for Information and related Technology (COBIT), the Sarbanes-Oxley Act, Payment Card Industry Data Security Standards, the Health Insurance Portability and Accountability Act (HIPAA), and more Map technical and procedural controls to their corresponding compliance objectives, including more than 125 prototypes that tightly link common policies and objectives Provide assessments and evidence of policy implementation and enforcement Monitor, remediate, and report on IT controls and privileged user access Incorporate IT controls status, event logs, and external intelligence on new and existing threats, and correlate the information to identify and prioritize critical events Initiate remediation through tight integration with popular help desk ticketing systems Implement compliance and security management as part of day-to-day operations, resulting in fewer control deficiencies, less data leakage, and lower compliance and security management costs Day-to-day use case scenarios In day-to-day operations, IT can use Symantec Control Compliance Suite to: Automate controls testing Test technical and procedural controls and assess compliance with policies Automate security event management Monitor security violations and prioritize responses based on policies and regulations 8

Manage control configurations Identify gaps in IT controls, get guidance, and provide closed-loop remediation Monitor threats in real time Identify threats and vulnerabilities in controls before they become security breaches Comply with audits and reporting requests Measure IT risk and compliance, deliver dashboards and auditable evidence, and demonstrate controls effectiveness A world-class solution from an industry leader With more than 2,000 enterprise customers and the world s largest configuration policy compliance installed base, Symantec is a global leader in security and compliance management. The company s innovative products have received awards and recognition from top analysts and industry watchers: Leader in Worldwide Security and Vulnerability Management, IDC Leader in Magic Quadrant for Security Information and Event Management, Gartner Leader in IT Governance, Risk, and Compliance Management (Symantec Control Compliance Suite), Gartner Leaders in Secure Configuration Wave (Symantec Control Compliance Suite and Symantec Enterprise Security Manager), Forrester Research Leader in SIEM MQ and SIEM Wave (Symantec Security Information Manager), Gartner and Forrester Research Winner of Reader s Choice Award (Symantec Security Information Manager), Information Security magazine, 2008 Additionally, Symantec offers: The industry s broadest portfolio of leading security, backup, storage, and archiving controls Unmatched insight into the threat environment via the Symantec Global Intelligence Network Strong strategic partnerships with key storage vendors, auditing firms, and integrators The unparalleled expertise of Symantec Consulting Services and channel partners 9

Symantec s comprehensive Security Compliance solution provides a proactive, risk-based approach to managing IT controls. Through its advanced automation technologies, it enables security operations teams to better secure systems and configurations, streamline compliance reporting, and reduce associated costs. The bottom line for your organization? Lower cost, better security, and easier compliance all from the market leader in security information and vulnerability management. To find out more, visit www.symantec.com/compliance.

About Symantec Symantec is a global leader in providing security, storage and systems management solutions to help businesses and consumers secure and manage their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com. For specific country offices and contact numbers please visit our Web site. For information in the U.S., call toll-free 1 (800) 745 6054 Symantec Corporation World Headquarters 20330 Stevens Creek Boulevard Cupertino, CA 95014 USA +1 (408) 517 8000 1 (800) 721 3934 www.symantec.com Copyright 2008 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. 06/08 14161725

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information