overcoming compliance challenges: a 5-step path to governance success
DESCRIPTION
Do compliance audits keep you awake at night? See our 5-step approach to achieving and maintaining compliance through proper governance. Starting with security awareness and training programs, then moving to access, auditing, data protection and more, we’ll show you how integrated Dell Security solutions ensure the confidentiality, integrity and availability of data while saving time, improving efficiency and helping you maintain your sanity through your next audit and beyond.TRANSCRIPT
1 Dell World 2014
Overcoming compliance challenges: A 5-step path to governance
Jessica Morrison, Sr. Product Marketing Manager, GRC
Dell World 2014
2 Dell World 2014
The problem with achieving and maintaining compliance today…
Risky
Complexity
Threats Compliance
Lack of Resources
Web 2.0
Virtualization Cloud Mobility
Big Data
Ch
all
en
ge
s O
pp
ort
un
itie
s
Expensive
Inefficient
3 Dell World 2014
The real world gets in the way
…but…
We still need to know that however users access our systems and data they are doing it securely, in a compliant manner, and with full organizational visibility and control
The organization no longer has tight control over how people access resources
Users
The perimeter must be secured without impeding user access needs
Systems
It is not practical to address mobility security, compliance, and governance separately from other security concerns
Business
4 Dell World 2014
Applications, network, users, administrators, data
Assess Audit/ Alert
Remediate Manage Govern
Five-step path to better IT governance
1 2 3 4 5
Dell World 2014
Assess: Think like an auditor
Security & Compliance awareness training
Analyze access rights and permissions to critical data
Determine configuration settings and set baselines
1
Dell World 2014
Audit/Alert: Think like an auditor
Track security and performance indicators
Audit and report on user activity
Perform checks for SOD
Enable real-time alerts
2
!
Dell World 2014
Remediate: Be Operationally Efficient
Implement preventative controls
– Report on and rectify deviations and security breaches
– Discover and restore
Establish policy over accounts, privileges and resources
Establish boundaries on the perimeter through application control and visibility
3
Dell World 2014
Manage: Automate
Administer and revoke access rights and permissions
Implement best-practice compliance reporting
Protect, retain and retrieve data for on-the-fly investigations
Enforce compliance with company policies across desktops, laptops, etc
Extend secure remote access
4
9 Dell World 2014
Govern: The hierarchy of IT needs 5
Govern-ance
Management
Control
Security
Access
• Risk management • Enterprise / IT • Adherence to
external standards
Reporting & auditing Policies, standards, guidelines & procedures Accountability & control Baseline
10 Dell World 2014
• Enterprise Reporter
• Dell SecureWorks Compliance Services
• Change Auditor
• Dell One Identity Privilege Account Management
• Dell Data Protection
• Dell One Identity
• Dell Data Protection
• Dell SonicWALL
• Recovery Manager
• Dell One Identity
• Dell Data Protection
• Dell SonicWALL
• Dell KACE
• Change Auditor
Dell One Identity
Assess Audit/ Alert
Remediate Manage Govern 1
Summary: Five-step path to better IT governance
2 3 4 5
Applications, network, users, administrators, data
11 Dell World 2014
Automation and integration under the hood
Change Auditor
Identity and Access Management
Data Protection
SonicWALL
• Eliminates Silos
• Minimizes effort and investment required to achieve compliance
• Work with a single vendor
SecureWorks
Windows Management
12
Customer story University of Madrid
Challenge • Cost and complexity of manually managing
Active Directory
• Needed to reduce human-error and free up resources
Dell World 2014
Results
• Gained visibility, automated provisioning, auditing, and remediation with Dell suite of compliance & security solutions
• Reduced human error by 35%
• Reduced IT workload by 60%
“The solution has provided the university with a system that 100 percent controls any
tasks out on Active Directory, thanks to its detailed auditing functions”
Roberto Peralta, Business Partner Faculty Support
13 Dell World 2014
The Dell difference: Security designed for a connected world
• Integrated, comprehensive portfolio secures from device to datacenter to cloud
• Shared intelligence across silos eliminates proprietary islands of information that create security gaps
• Considers the human factor to “keep the good guys good” without getting in the way of user productivity
Enable the enterprise to embrace
new technologies faster than the competition
Comply with regulations and achieve
consistent, reliable governance
Protect the whole enterprise –
outside in and inside out – efficiently and proactively
14 Dell World 2014
Dell delivers best-in class security solutions
Identity & Access Mgmt
Identity Governance
Privileged Mgmt
Access Mgmt
Compliance & IT Gov
Security Services
Incident Response
Managed Security Svcs
Security & Risk Consult
Threat Intelligence
Data/Endpoint
Encryption
Protected Workspace
Configuration & Patch
Management
Secure Cloud Client
Network
Next Gen Firewall
Secure Mobile Access
Email Security
15 Dell World 2014
Dell Security leadership, scale and recognition
Validated by the industry • #1 ranked company in Security
500 • NSS Labs “Recommended”
Firewall & IPS – 3 years in row • Overall Leader in Access
Governance, Kuppinger Cole • Best Security Service, Cloud
Security, Compliance, Info Security Products Guide
• Recommended by SC Magazine • Major Player, Email Security, IDC • 6 Gartner Magic Quadrants
76B cyber events
analyzed daily
2m devices WW
reporting on 40m users
5.9B security events of
interest daily
Dell SecureWorks
$14 trillion in assets
protected daily
1.06 trillion IPS
incidents detected &
blocked
5,000 security
incidents escalated
daily
1.78 billion malware
downloads blocked
Dell SonicWALL
Dell Data Protection Encryption
Data encrypted
and protected on 7m devices
Dell Identity and Access
Management 110m managed identities;
78.5m users audited
2,000+ security
professionals worldwide
16 Dell World 2014
Next steps
Visit the Security deep dive area, or the Protect lane in the Solutions Expo to see a demo
Attend other Security sessions: • MT23: Data Protection for
Data Everywhere: Utilizing Context-Aware Security Controls
• MT24: Enabling Mobility without Sacrificing Security
Dig in at the Hands on Lab
Dell World 2014
Thank you.
Want to learn more about Dell’s security solutions?
Learn via email. Start here.
Sign me up!