Page 17 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY

Unit 1: Information Systems




          1.9 Disadvantages of Information Management Security

          Security Information Management (SIM) is by its very nature a heterogeneous product, and
          thus SIM rollouts involve complex technical integration and political negotiations. The
          architecture of the SIM tool doesn’t seem to make a whole lot of difference either.
          Even if a solution doesn’t require an installed agent to get information from a system, it still
          usually requires a configuration change or a privileged account to get the data it needs – and
          system owners aren’t likely to let that happen without good reason.

          As threats become more targeted and sophisticated, there is often no single tool that can detect
          the telltale signs of an attack. Many modern attacks manifest themselves in policy violations
          like privilege escalations or changes to critical files rather than specific vulnerabilities being
          exploited or well-known malware being downloaded.
          You cannot simply throw the SIM in the system and assume that it will tell you what you need to
          know about your security or network posture. You have to be willing to actually look deep into
          what you really care about and either write or activate rules that will make the SIM product work.
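
A correlation rule of the kind this passage describes, as an added example that is not part of the original text: it joins events from two log sources and alerts only when a privilege escalation is followed by a change to a critical file. The event field names, hosts, users, file list and ten-minute window are all assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Constructed, already-normalized events from two sources: an OS auth log
# ("auth") and a file-integrity monitor ("fim"). All values are made up.
EVENTS = [
    {"ts": "2024-05-01T10:00:05", "source": "auth", "host": "db01",
     "user": "alice", "type": "privilege_escalation"},
    {"ts": "2024-05-01T10:03:40", "source": "fim", "host": "db01",
     "user": "alice", "type": "file_change", "path": "/etc/shadow"},
    {"ts": "2024-05-01T10:04:00", "source": "fim", "host": "web02",
     "user": "bob", "type": "file_change", "path": "/etc/passwd"},
    {"ts": "2024-05-01T11:30:00", "source": "auth", "host": "app03",
     "user": "carol", "type": "privilege_escalation"},
    {"ts": "2024-05-01T12:45:00", "source": "fim", "host": "app03",
     "user": "carol", "type": "file_change", "path": "/etc/sudoers"},
]

CRITICAL_PATHS = {"/etc/shadow", "/etc/passwd", "/etc/sudoers"}  # assumed list
WINDOW = timedelta(minutes=10)                                   # assumed window


def correlate(events, critical_paths=CRITICAL_PATHS, window=WINDOW):
    """Alert when a critical file changes within `window` after a privilege
    escalation by the same user on the same host."""
    last_escalation = {}  # (host, user) -> time of most recent escalation
    alerts = []
    for ev in sorted(events, key=lambda e: datetime.fromisoformat(e["ts"])):
        ts = datetime.fromisoformat(ev["ts"])
        key = (ev["host"], ev["user"])
        if ev["type"] == "privilege_escalation":
            last_escalation[key] = ts
        elif ev["type"] == "file_change" and ev.get("path") in critical_paths:
            escalated = last_escalation.get(key)
            if escalated is not None and ts - escalated <= window:
                alerts.append({"host": ev["host"], "user": ev["user"],
                               "path": ev["path"],
                               "delay_s": int((ts - escalated).total_seconds())})
    return alerts


if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print(alert)
```

Neither source produces this alert on its own: the auth log never sees the file change, and the file-integrity monitor never sees the escalation.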

          Industry watchers and IT managers alike say that SIM won’t protect environments from all threats,
          but the technology can go a long way toward identifying the risk present in any environment.





             Notes: To be certain SIM is able to adequately streamline the “processes of gathering,
             analyzing and reporting log, vulnerability and configuration data,” it is essential to identify
             the critical systems in your environment before choosing a SIM technology.

          Self Assessment

          Fill in the blanks:
          12.  The ....................... translates the logged data into correlated and simplified formats.
          13.  With a high incidence of severe threats and attacks on information assets, IT security has
               become a priority at organizations’ ....................... levels.
          14.  Thinking outside of the ....................... security box is a good way to leverage a SIM’s
               correlation engine and normalization capabilities.
          15.  Security Information Management (SIM) is by its very nature a ....................... product, and
               thus SIM rollouts involve complex technical integration and political negotiations.


             

             Caselet     Tool to Track BPO Transport Fleet

             A LOCAL IT company has come out with a software that integrates the functioning
             of three key components of Geographical Information System (GIS), Global
             Positioning System (GPS) and Short Messaging Service (SMS) to provide a complete
             management solution for a virtual fail-safe system for the BPO companies in managing
             their transportation of their employees to the place of work.
                                                                                 Contd...



                                           LOVELY PROFESSIONAL UNIVERSITY                                   11