Complete awareness of agency network activity is not only critical to maintaining compliance with important government mandates; it is also a key security component in today’s complex IT environment. According to a recent Dell Software survey, half of senior federal IT professionals surveyed indicated that they are reactive to network vulnerabilities and, as a result, struggle to maintain compliance with mandated IT policies and standards.
With compliance remaining both a constant imperative and challenge for government agencies and organizations, Dell Software’s Tim Sedlack, senior product manager, has created a list of tips for staying compliant with government mandates.
Take inventory
Understand what you have and take inventory of all assets and accounts, including users, computers, files, shares, permissions, etc. Once you know where you stand and what you own, you can begin the process of continuous compliance.
Audit according to your requirements
Whether it is FISMA, NIST or others, you have a minimum bar set by your requirements. This is the least you have to do – if you can do more to support a more secure and “reportable” environment, you should.
Only provide auditors what they ask for
If you’re collecting lots of data, make sure you clarify the question and provide the auditors with exactly – and ONLY – what they ask for. If you provide them piles of dirt and a shovel – they will dig!
Alert on what’s actionable
There’s a tendency to alert on events and changes that are interesting. Resist that tendency and ensure you’re only alerting on things that are actionable – something you can do something about.
Remediate as quickly as possible without destroying evidence
Whether it is a breach, an application outage or service downtime, any failure is hard to go through. Make sure you do not trade proper procedure for expediency. Ensure your tools are in place and working to collect the data that someone will eventually come looking for.
Get compliance and security teams talking
These two teams are so interconnected that they could be considered ONE team. Make sure that each team knows what data they need, as well as the urgency of requests. Oftentimes, the teams do not know the value of the data each team is collecting.
Schedule reports for common requests
When someone asks you for data over and over, it is within reason to ask if they can put the request in the form of a report definition like “All user lockouts in the last 24 hours” or “Changes to Group Policy in the last week.” With scheduled reports, the load of constant ad-hoc reporting is lightened.
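As an added example (not from the article or from Dell Software), the "All user lockouts in the last 24 hours" report above can be turned into a scheduled PowerShell script; it assumes Windows Security-log event ID 4740 ("A user account was locked out") is being recorded on the domain controller queried and that the output folder C:\Reports can be created.

```powershell
# Added example: scheduled "All user lockouts in the last 24 hours" report.
# Assumptions (not from the article): event ID 4740 is logged on the DC queried
# (the PDC emulator records every lockout in the domain), the account running
# this can read the Security log, and C:\Reports is a writable location.
param(
    [string]$Computer = $env:COMPUTERNAME,   # DC to query; PDC emulator sees all lockouts
    [string]$OutDir   = 'C:\Reports',        # assumed output location
    [int]$Hours       = 24                   # the report window from the request
)

$since = (Get-Date).AddHours(-$Hours)
New-Item -ItemType Directory -Path $OutDir -Force | Out-Null

# Query only the event that answers the question, scoped to the time window,
# so the report stays cheap enough to run unattended every day.
$events = Get-WinEvent -ComputerName $Computer -FilterHashtable @{
    LogName   = 'Security'
    Id        = 4740
    StartTime = $since
} -ErrorAction SilentlyContinue   # "no events found" is not an error here

# Pull fields by name from the event XML rather than by Properties[] index,
# so the report does not silently shift if the field order ever differs.
$rows = foreach ($e in $events) {
    $data = ([xml]$e.ToXml()).Event.EventData.Data
    [pscustomobject]@{
        Time           = $e.TimeCreated
        LockedAccount  = ($data | Where-Object Name -eq 'TargetUserName').'#text'
        SourceComputer = ($data | Where-Object Name -eq 'TargetDomainName').'#text'  # caller computer for 4740
        ReportingDC    = $e.MachineName
    }
}

if (-not $rows) { Write-Output "No account lockouts on $Computer since $since"; return }

$file = Join-Path $OutDir ("lockouts-{0}.csv" -f (Get-Date -Format 'yyyyMMdd-HHmm'))
$rows | Sort-Object Time | Export-Csv -Path $file -NoTypeInformation

# Summary by account: repeated lockouts of one account are the actionable
# signal (stale credential in a service or scheduled task, or guessing attempts).
$rows | Group-Object LockedAccount | Sort-Object Count -Descending |
    Select-Object @{n='Account';e={$_.Name}}, Count | Format-Table -AutoSize

# To run it daily, register it once with Task Scheduler, for example:
#   $a = New-ScheduledTaskAction -Execute 'powershell.exe' -Argument '-File C:\Scripts\lockouts.ps1'
#   $t = New-ScheduledTaskTrigger -Daily -At 7am
#   Register-ScheduledTask -TaskName 'LockoutReport' -Action $a -Trigger $t
```

The CSV is the artifact you hand to whoever keeps asking; the on-screen summary is for the team running the report.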
Constantly evaluate what’s in scope
End users put IT in precarious positions all the time, without knowing it. They bring in personal devices, copy information to USB drives (or cloud storage), open new SharePoint sites, and copy files from one host to another. When under compliance mandates, it is important to be on the lookout for any new holes that need to be plugged.
Recovery
Make sure you have not only the capability to back up everything you have, but also the ability to restore the smallest pieces of information or data. It’s much easier and safer to restore a single folder or file than to restore an entire server. The same goes for Active Directory; if you can restore an attribute rather than a user (or worse yet, a DC or FOREST), you will save time and stress.
Automate where you can
It prevents human mistakes and works 24/7/365. There are costs associated with getting this done, so communicating the value may be hard, but in the end, the cost is worth it.