In a recent column in Computerworld, a security expert mentioned that technology-based security systems “are the first to tell you that your house has burned down” unless supplemented by human intelligence evaluating vulnerabilities. Some larger organizations have a Chief Security Officer and the attendant resources to assess network security risks; however, most smaller companies do not have the in-house resources to adequately address security issues. Unfortunately, these smaller companies face most of the same security risks as bigger companies do, and on a per-employee basis they can incur the same or even greater loss of productivity due to a worm, DOS attack, etc.

Intelligence-gathering efforts at HydroQual beyond review of on-line browsing for virus alerts and the occasional glance at the firewall records started in earnest in early 2002, when intrusion detection monitoring services were deployed. While the information captured was informative, it was also overwhelming, and by mid-2003 it became largely impossible to review this information in anything approaching real time. In short, HydroQual had become a purely reactive organization at a time when security threats were increasing and time to react to these threats was shorter than ever.

The IT director at HydroQual estimated losses of between $20,000 and $60,000 per day of downtime associated with a complete shutdown of network services. The decision was made to become more proactive in preventing such losses, and in early 2004 HydroQual selected igxglobal’s Reporting and Forensics Service to summarize and prioritize daily threat information for their network and computer operations. Intelligence is also augmented by igxglobal’s Daily Security Briefing.

The Reporting and Forensics service provides a real-time, one-page graphical and tabular summary of current threats prioritized in accordance with igxglobal’s rules (among other summary reports). The network administrator at HydroQual is able to review this brower-based information “at a glance” as part of his normal work day, and remediation can occur very quickly when severe threats are identified. In addition, a mechanism for issuing Cease and Desist orders is available at the click of a mouse button. The network administrator saves copies of these reports in a binder, and long-term trending can be easily observed by flipping through these simple yet informative reports. In addition, the reports are ideal for presentation to top management to summarize security activities and the necessity for diligence.

Finally, igxglobal’s Daily Security Briefing warns of problems looming on the horizon, and also provides a summary of the most current security threats as well as recommendations for remediation. This abbreviated summary, with the day’s security ranking appearing in its e-mail header, augments the Reporting and Forensics reports and provides additional context to the network administrator.

In conclusion, igxglobal’s Reporting and Forensics service, coupled with its Daily Security Briefing, allows HydroQual to proactively manage many security activities at a monthly cost of less than one fifth of an IT professional. Overall network security can be evaluated in real-time at a glance, freeing HydroQual’s IT staff to perform other duties while always having a watchful eye on security issues. HydroQual also provides feedback to igxglobal on this service and is an active participant in its refinement and evolution.

Copyright © 2002 igxglobal, All Rights Reserved.
Designed by