Reduce operational friction and resource drain by reducing your tools to achieve better security.
Nowhere does the maxim “complexity breeds errors” apply more than in the world of cybersecurity. From continuous updates being applied to firewall policies that lead to tens of thousands of rules, to digital certificates that are never revoked, only regenerated, maintaining security environments is a management headache. All too often a post-breach analysis identifies that the business had the right controls in place, and an alert that something unusual was happening was created, but critical information was lost in the noise. Too many systems, often with conflicting settings but wired to talk to each other, failed to elevate the problem for immediate attention and response.
There are over 2,200 suppliers offering tens of thousands of security products around the world. It’s no surprise that most organizations could benefit from reducing the number of products they use. Reduce the noise, reduce the complexity, reduce errors. The results—better security.
Manage the Complexity—Improve the Results
Employee monitoring is one security discipline where complexity is introduced by a plethora of products. Increasing regulations and more stringent compliance regimes each year have layered in more requirements. It may start as a simple need to block access to certain websites by category, and a solution that delivers content URL filtering. Then, when the need arises to enforce authorized access, another solution is installed. And the cycle continues.
Some organizations like call centers or equity trading desks need to monitor employee communications either for productivity purposes or compliance requirements. What happens then? Install another system to do that. And, as modern endpoint defenses are developed to prevent employees from inadvertently infecting their workstation, you need a solution for advanced endpoint defense. And so it continues.
Do not underestimate the value of employee monitoring for policy enforcement. Privacy regulations require that users must be notified of any monitoring, and in fact, it is that notification that drives good behavior. A written employee manual may, for instance, warn users against browsing pornography from their work stations and explain that it leads to a hostile work environment. But the additional notification that browsing behavior is being monitored, incorporating warnings on the desktop if such an attempt is made, are the strongest enforcement methodology for good behavior. Similar monitoring and enforcement notifications that protect the transfer of intellectual property to thumb drives, or the use of personal email accounts, or banning hyping an equity to customers, are all enforceable with technology.
Get Centered for Improved Security
While achieving all of these capabilities may require different solutions, the complexity of managing those solutions can be reduced dramatically by implementing a central management console. All the policies are set and all the data is collected and analyzed by the same platform. Discovery, logging, and report generation all flow from the single solution. Doesn’t this already sound more manageable?
Other benefits that call for moving to a single platform include:
- Instant correlation. With all the information—web browsing, configuration changes, keystrokes, productivity, data loss prevention—in one place, it’s much easier to correlate and apply forensic analysis to determine what happened. Does a call center employee download a file to a thumb drive at the end of every shift (possibly indicating data theft)? Is a user browsing inappropriate content during working hours? Does a pattern of specific behavior indicate a disgruntled employee? What did that employee click on just before the ransomware was installed?
- Better compliance. As auditors demand more reporting for compliance, having all the data in one place and easily exportable will shorten the time to respond to auditor inquiries.
- Lower cost. Managing multiple vendor contracts, acquired at different times, is never optimal. The total cost of ownership can be much lower if separate administrators are not required for each product, let alone the engineers required to ensure that all the products are wired to share data.
Eliminating complexity in security operations leads to greater efficiency and, more importantly, better security. This holds true for employee behavior monitoring. A light footprint on the device and network, combined with a single management console, will increase the efficacy and enforcement of policy. To see an endpoint management and employee monitoring solution in action in a single pane of glass, download this eBook and see what LanScope Cat can do to make your business more efficient and more secure, at an affordable price point.
About the Author
Richard Stiennon, former Gartner VP Research and industry executive, is the founder of the industry analyst firm IT-Harvest. Organizations around the world engage with Stiennon to get his insights on trends in technology, threats, and policy.