Addressing Security ChallengesBy Kevin Quinlan | Posted 2011-12-06 Email Print
Improving visibility across its IT infrastructure bolstered restaurant chain Bertucci’s security and compliance initiatives.
The next step was to figure out how to address our security and compliance challenges, now that we had a handle on what we were up against. Given the small size of my team, it became evident that we required technology that could automate as much of the security and compliance process as possible.
The requirements of PCI DSS largely dictated where I began selecting the right tools. Requirement 10.5.5 calls for “the use of file integrity monitoring and change detection software on logs to ensure that existing log data cannot be changed without generating alerts,” so I looked at Tripwire Enterprise. Considered by many to be the de facto standard for file integrity monitoring (FIM), Tripwire Enterprise is, I believe, the only single-source solution for detecting, analyzing and reporting all changes to our systems and files across the IT infrastructure.
My team was glad to have access to tools that could automate the assessment of relevant con-figurations across our infrastructure and alert me to settings that are out of compliance. It meant that we didn’t need people burning the midnight oil, particularly during our SQL Server upgrades, to make sure everything was compliant and stayed that way.
After our success with Tripwire Enterprise, we purchased the Tripwire Log Center security information and event management (SIEM) solution to improve our intelligent threat control by correlating events and changes. This enabled us to immediately identify and respond to significant events.
By using the solutions together as the integrated Tripwire VIA suite, we can cover all the bases when it comes to IT security and compliance: from identifying threats and reducing the breach-to-detection gap to being able to generate proof of compliance and get significantly more visibility into our overall infrastructure.
Though it’s notoriously difficult to quantify the ROI of security and compliance technology, I find it easy to measure Tripwire VIA’s impact on our company. Simply put, I now know that seven days a week, all my systems are protected.
From a compliance perspective, we not only meet all regulatory requirements, but also have a foundation in place to automate and prove compliance with any industry or government mandates that may emerge in the future. The proof is in our audits, the reports for which now require only a mouse click. That compares with the hours it previously took us to generate these reports.
Making the suite a core component of our security and compliance efforts has had a tremendous affect on our business by adding greater visibility across our infrastructure and giving us the automated intelligence needed to turn change and log data into actionable knowledge. It’s amazing that just four years ago we had zero visibility into the state of our network and our security and compliance status, yet now we have a clear view of precisely where we stand at any given moment.
Kevin Quinlan is senior director of IT at Bertucci’s, headquartered in Northboro, Mass.