Tuesday, October 5, 2010

How to select a SIM solution? Read on.

You want to put in place an enterprise-class Security Information Management and compliance solution
that can address a broad range of regulatory compliance requirements.

You also want such a solution to have superior flexibility, functionality, scalability and ease of use.
Yet you do not want it to burn a hole in your pocket.

There are so many offerings in the market, but which one is best suited for you?

How to choose the right one?

Confused? The following list of evaluation best practices will assist you in making the right choice.

Compliance is an ongoing activity, not a one-time project. Hence, when selecting a SIM solution for
compliance, take time to understand exactly how each product can make your department more effective
by proactively helping you manage your compliance efforts on an ongoing basis.

It is not enough to be compliant; you must also prove it. Ensure that the workflow and the richness
of the audit trail are carefully evaluated. A common requirement is proving that processes have been followed
and controls have been executed. The ability to execute and report on a closed-loop workflow,
and the ability to retrieve information from the audit trail in an ad-hoc manner, are critical.

Compliance best practices and audit procedures are constantly evolving. Make sure that your SIM system
can adapt to new compliance requirements easily and can grow with your organization.

Place a premium on data collection. The system must be able to collect all the event data that is
relevant for compliance purposes and must support a large number of varied data sources.

It is important to understand what approach your vendor has taken with pre-developed compliance
solutions, the granularity of the methodology used to ensure best practices, and the level
of research they have applied to the solution.

Look for a system that can be deployed quickly with out-of-the-box intelligence and collection capabilities
to deliver immediate results. This will save you a lot of consulting dollars.

Compliance should improve security. Choose a system that not only enables you to achieve compliance
but also protects your business at the same time.

Correlation is the key to compliance. A robust solution should have both pre-configured correlation rules
and customizable rules that can be tailored to your compliance policies.

Focus on the regulated business process. The solution must be able to map your technical information
and log data to your regulated business processes, and then map your business process to your specific

A compliance program should address your unique needs. The solution should consider the uniqueness
of your organization, including how you exchange information, what technology architecture you use
for your networks and systems, and how your IT security organization is arranged.

The points mentioned above are our understanding abstracted from TOP 10 Regulatory Compliances by ARCSIGHT.