- More than 40,000 rules (i.e. national laws) were passed by the U.S. government in the last decade.
- The Weidenbaum Center at Washington University in St. Louis and the Mercatus Center at George Mason University in Virginia jointly estimate that agencies spent $49.1 billion to administer and police the 2008 regulatory enterprise.
With figures like that, today's reality is that IT organizations have been forced to sink or swim in keeping up with compliance and security requirements. They've got to do it faster, with less staff and limited to nonexistent budget. Yet, auditing Microsoft-based infrastructures for compliance with internal policies and external regulations can be a tedious, repetitive, time-consuming process fraught with risk. Not to be ignored: Security breaches, malware, mistakes and leaks of sensitive enterprise data are serious threats to the organization, with internal security threats as perilous as external ones.
Failure is not an option as lapses in compliance and breaches can lead to loss of IP, system downtime, frustrated end users, lost productivity, fines and negative publicity. Whether it is monitoring change events affecting Active Directory, Exchange or Windows File Servers, reporting, though required, distracts administrators from working on other projects.
These additional pressures from external regulations, coupled with internal fiscal constraints mean that the IT organizations simply have no alternative but to work smarter by using the same budget dollar for compliance and secure operations.
How do we do it?
Windows does provide native security event logs which are managed on a per-server basis and contain events generated by every subsystem. That said, the problem with the native logs is that with no centralized view, IT managers need to scour all event logs on each server and each subsystem.
The fact is that IT organizations require a simple solution that:
- Provides the who, what, when and where of all changes, including details on previous and new change values, with the ability to add comments on Why a specific change was made to fulfill audit requirements
- Monitors and tracks all change events in real time across the network, eliminating the need for multiple solutions
- Reduces risk by providing regulation-specific reporting, aligning with operational best practices, and preventing leaks of sensitive data
- Facilitates faster audits with less work on IT by generating predefined, custom and ad-hoc reports to meet the needs of various stakeholders, including auditors
- Controls costs, enabling IT organizations to use the same products to address compliance and security requirements and improve operational activities
- Enables faster and smarter responses to threats or unusual activities as they occur
It is time to reduce risk and take control of Windows auditing, compliance and security.