Ensuring Compliance through Automation
- LANGUAGE: English DATE: Thursday, May 19, 2016 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
The definition, implementation and maintenance of an adequate set of policies is a major task for many areas of today’s organizations. However, continuously ensuring compliance to these policies and providing adequate documentation of evidence is even more challenging. Keeping computer security definitions in compliance with your corporate security policy and with mandatory regulations is overly complex when done the conventional way.
Cyber security really becomes a major headache when you have security definitions that need to be applied and maintained across many servers, databases, folders and users. How do you know that your corporate security policies remain in place? And how do you prove this to your auditors? This webinar will provide adequate answers.
Contents of this KuppingerCole webinar:
- The task at hand: From policies, legal and regulatory requirements via actionable guidelines to efficient IT compliance
- Mapping existing policies to system-specific, template-based compliance checks
- Automated discovery and analysis of deviation
- Achieving cross-platform compliance by refining and consistently applying security guidelines
- Automated fixing and aligning system definitions to policy
- Delving deeper: Advanced auditing and analysis.
Matthias Reinwarth, Senior Analyst at KuppingerCole will provide an overview regarding the practicalities of meeting technical compliance requirements. He will focus on the need for a consistent approach from the definition of enterprise security policies to actionable, ideally automated compliance checks, alerting mechanisms and policy enforcement to maintain compliance in heterogeneous IT landscapes.
Shahar Troiza, Technical Consultant at Enforcive Systems, will illustrate technical approaches leveraging automation to achieve a level of compliance across all cross-platform environments beyond today’s typical manual controls. Based on real life experiences he will show a unified approach towards defining and maintaining satisfactory IT compliance while providing adequate evidence.
Access Governance-Tools sind in der heutigen Business-IT ein unverzichtbares Element. Sie dienen dem Management von Benutzer- und Berechtigungsworkflows, der Vergabe von Zugangsrechten, der Durchführung von Kampagnen zur Zugriffszertifizierung und der Implementierung und Prüfung von Controls für die Funktionstrennung (SOD). Mit einer wachsenden Zahl von Business-Applikationen, gerade auch aus der Cloud, und ihrer Vernetzung wächst die Herausforderung, Access Governance übergreifend und automatisiert umzusetzen.