Security Management
Ensure Services are Secure
Some ITIL advocates may be unaware of the role that security has in the library, as it is barely mentioned in most of the chapters. There is a defined discipline, however, which is responsible for managing a defined level of security on information and IT services. Included is managing the reaction to security incidents, which are those events that can cause damage to confidentiality, integrity or availability of information or information processing.
Business Challenge
With the continual addition of new government regulations to comply with, most of which contain IT security standards, security can no longer be viewed as an independent domain, separate from IT Operations. There is an entire book on the topic of Security Management in the ITIL library. It is seldom referred to and is largely regarded as less valuable than other leading standards in security such as ISO 17799. Still, the fact that there is an entire volume dedicated to the subject indicates its importance to the framers of ITIL. The mantra “security is everyone’s responsibility” is often heard, but is only truly possible if security is “operationalized”.
Implementing Security Management
NetIQ is pioneering thought leadership in the convergence of Security and Service Management disciplines by providing the technology that enables the controlled flow of information between them. For example, NetIQ’s security incident management solution, NetIQ Security Manager, can be integrated with AppManager through a standard connector, enabling correlation of incidents that affect both the security posture of the organization, as well as the availability of services. This functionality meets a requirement, specifically described in the Availability Management chapter of the ITIL Service Delivery book, which states, “The importance of Availability [is] recognised as one third of the security ‘CIA’ tenet: Confidentiality, Integrity and Availability.” This capability drives efficiency, as multiple teams do not have to duplicate efforts in responding to incidents that are the responsibility of another group, and incidents are not “lost” in the transfer between them.
NetIQ Security Manager supports information sharing between incident and security management for faster resolution.
Another bridge between Security and Service Management is in the Change Management process. Ensuring that controls are in place to provide reasonable assurance that system changes are authorized is a key requirement of most security-related regulations and standards. While a process for approval of changes is necessary, the technology to audit, report, and control compliance must also be in place. NetIQ Operational Change Control products provide a solution for this requirement that benefits both the Security and Service Management disciplines.
Key Features
- Reduce exposure time with real-time monitoring for security incidents, extensive information on alerts, advanced notification capabilities, and automated responses.
- Integrate with operational systems such as AppManager to provide a complete picture of the impact of incidents to availability from both security threats as well as operational failures.
- Improve security knowledge through a comprehensive knowledge base that automatically builds, internalizing new and updated information into the product, supporting the Problem Management process.
- Increase protection levels by correlating events from your heterogeneous and best-of-breed security point solutions, such as firewalls and intrusion detection systems, to identify true incidents.
- Assure compliance by facilitating regular review and reporting on enterprise security information, monitoring security controls to validate their effectiveness, and providing real-time enforcement of policies and best practices.
