Simplifying Operational Security - Security Configuration Automation for IT Audit Readiness
Current Scenario: IT executives are increasingly confronted with the dual challenge of managing risk to their organization and complying with external and internal system mandates. Today, most vulnerabilities are a direct result of system configuration errors or the lack of a consistent means of measuring the condition or state of a given machine on the network. This often leaves a gap between an organization’s documented security policy vs. the existing state of individual systems on the network. If an organization cannot prove adherence to security policy, the odds are likely it will not pass an IT system audit.
Tomorrow's Technology Today - Risk and Compliance Management
Tomorrow's Technology Today: Shavlik’s compliance management solution is automated to help you easily manage critical system and security configurations. Shavlik NetChkTM Compliance makes it easy to establish and manage a security configuration baseline, while helping to preserve organizational security and complying with either governmental or industry based regulations.
Shavlik’s solution provides a means of automating the development and management of a security baseline – thus reducing the risk of systems being out of compliance with stated policy.
With Shavlik NetChk Compliance, an organization can develop a security configuration baseline policy from scanning a single machine, which has been identified as the “gold standard” from which all others will be measured. It can also develop policies from an extensive library of settings and industry best practice information. Each policy can be easily applied to the appropriate machine or group. Once in place, Shavlik is uniquely positioned to enforce each policy while helping reduce the cost of compliance, and improving the likelihood of passing an audit.
Why Choose Shavlik NetChk Compliance:
Dramatically reduce manual administrative time with automated scanning and remediation
Manage potential for risk tied to system configuration vulnerabilities
Security auditing based on the industry standard ISO 17799 or NIST 800-53 security controls
Helps you address SOX, Basel II, FISMA, GLBA, and HIPAA
Extensive reporting capabilities
Over 230 security settings
Ease of Use - get up and running in 30 minutes or less
Security best practices from Shavlik's security consulting experts
Settings recommendations based on real-world experience
Content for securing operating systems, databases and web servers
Support for SQL Server 2000 & 2005
New Policy-Built-From-Scan Feature
Right click improvements for ease of policy development and enforcement
Fast, multi-threaded scan engine up to 64 scan threads active at one time
Conclusion: Shavlik’s comprehensive solution helps organizations proactively develop and maintain a baseline level of security, enabling proactive enforcement of existing polices which promotes greater network security. Shavlik provides meaningful security configuration metrics that organizations can use to more effectively measure the security of their network and satisfy compliance requirements.
Shavlik Technologies, LLC
2665 Long Lake Road, Suite 400
Roseville, MN 55113
Download the actual white paper
From Info Security Products Guide site: CLICK HERE