Control
Control: The implementation of preventive or corrective controls to mitigate the risks of compliance exceptions or security breaches.
Effective controls are the mechanisms that ensure compliance with mandates and regulations; they also mitigate or manage the risks associated with information and related technologies. This stage seeks to implement preventive controls where possible. It is the natural result of the Assess stage, but it is also carried out in response to incidents – such as policy violations – that are detected in the Operate stage.
The activities for the Control stage are directly supported by NetIQ VigilEnt Policy Center, Secure Configuration Manager and Security Manager. However, other solutions may also be used to support the implementation of controls. For example, NetIQ Security Administration Suite may be used to implement configuration standards on Windows platforms by leveraging the power of Microsoft group policy.
The Control stage is characterized by three primary activities:
- Educate Employees and Improve Awareness: Employees and other workers in your organization can be a significant source of security incidents. NetIQ VigilEnt Policy Center helps solve this problem. VigilEnt Policy Center provides role-based distribution of policies, standards, and other documents. For example, VigilEnt Policy Center can distribute Windows hardening standards to all Windows administrators, based on their membership in specified containers in Active Directory.
- Enforce Configuration Standards: Security configuration standards establish a known risk and security posture for an asset. The Assess stage often identifies exceptions to the configuration standards when grading compliance against baseline standards. Moreover, the Operate stage often identifies changes to system configurations that take a system out of compliance. NetIQ Secure Configuration Manager provides the information needed to know exactly where and how to remediate compliance exceptions and vulnerabilities. NetIQ provides remediation capabilities for Windows platforms through its Security Administration Suite.
- Implement Compensating Controls: Because some systems cannot be brought into full compliance, it is important to implement compensating controls that address the residual risk. NetIQ supports compensating controls: NetIQ Security Manager can be used to monitor changes and other suspicious or unusual activities, and NetIQ Secure Configuration Manager can routinely assess systems.