INDUSTRY INSIGHT
As this fiscal year wraps up, many agencies are planning their response to compliance reporting requirements. Meeting these requirements -- particularly in advance of an audit -- can be incredibly time-consuming. While the Defense Department has made managing risk easier through Security Technical Implementation Guides (STIGs), its still dependent upon IT staff to help ensure their systems are continuously secure and compliant -- throughout the year, not just at a point in time.
Government IT systems are complex, budgets are limited and threats are constantly evolving. Ensuring that those systems have the right security controls, processes and documentation in place to demonstrate compliance with security standards can be challenging, but the effort is highly manageable, especially with automation. Lets consider how government IT professionals can use automation to take the time and guesswork out of compliance.
The problem with STIGs
A STIG is a set of security hardening standards and maintenance processes for networks, systems and platforms all DOD IT assets must comply with. There are hundreds of possible STIGs -- each with thousands of rules that must be followed -- and the number only continues to rise as new systems, versions and updates come online.
Monitoring server and network configurations against these compliance policies can be cumbersome. Even with the best change-control processes, it requires an army of people to manage and track all the configuration changes happening within the IT infrastructure. If a system has a particular STIG applied to it and happens to deviate from that control, how would system and network administrators know?
This is particularly problematic because these changes are happening all the time. A system or device can deviate from a STIGs expected baseline configuration for any number of reasons -- such as a system update or when a patch is applied to a vulnerability. Sometimes the deviation is deliberate. For example, an application may not run properly without introducing permission or authorization settings that deviate from the STIG. In each of these instances, administrators must create an exception to the STIG. They must also explain and document the exception in preparation for an audit -- a painstaking process.
These manual, time-consuming compliance tasks can take weeks and cost a significant amount of taxpayer money to implement across applications, servers and networks.
How automation can help ease compliance
Automation is critical to lessening the compliance burden on IT pros and allows them to focus on other priorities.
Applications, systems and devices are constantly in flux, and staying on top of any configuration drift is challenging. This isnt just a compliance issue. Any configuration changes in the IT infrastructure can lead to security breaches, outages and slowdowns.
However, with automation, administrators dont have to monitor each system in a cache of thousands of IT assets for potential configuration changes. Instead, the moment a configuration starts to drift from baseline security tools, monitoring tools detect the change and proactively notify administrators in near-real-time. IT teams also have visibility into who has changed the configurations, what changed and the related performance impact.
With this insight, they can troubleshoot faster, eliminate vulnerabilities, improve security, build in exceptions and demonstrate compliance far more effectively and efficiently than manual processes will allow.
Automation can also remediate the tedious task of compliance reporting. Administrators can quickly produce FISMA and STIG reports from their configuration templates and easily generate audit documentation and reports -- work that would otherwise take weeks to complete.
Compliance automation can help break down the barriers between security and operations teams. System and network administrators must know their systems are configured in accordance with security policy, but they often lack access to the right tools. However, with the ability to monitor server and device configurations against compliance requirements, they can quickly identify and fix issues without burdening their peers in the security operations center.
Stepping up to automated compliance
Mitigating security risks is one of the most important tasks IT and network administrators undertake. Its also one of the most complex, time consuming and costly -- particularly as it relates to compliance. This is where automation can really shine -- helping the entire federal IT team achieve compliance and deliver compliance reporting while lightening their load.
About the Author
Brandon Shopp is VP of product strategy with SolarWinds.
View original post here:
How automation takes the time and guesswork out of security compliance - GCN.com
- Tasker updated with powerful new Android 15 automation features - Android Police - May 17th, 2024 [May 17th, 2024]
- Exploring Stereo Imaging and Automation at the Machine Vision Summit - Novus Light Technologies Today - May 17th, 2024 [May 17th, 2024]
- Yellow.ai unveils Email Automation feature for streamlined support - IT Brief New Zealand - March 4th, 2024 [March 4th, 2024]
- Automation in Biopharma Industry Propels Market Growth with Emerging Trends - Global Forecast to 2028 - Yahoo Finance - March 4th, 2024 [March 4th, 2024]
- Ginkgo Bioworks: Pioneering Healthcare's Future with Drug Development Automation - BNN Breaking - March 4th, 2024 [March 4th, 2024]
- Inspiring cloud automation - The Register - March 4th, 2024 [March 4th, 2024]
- Clinical Lab Automation Market to Reach $3.72 Billion by 2030 Amid Technological Advancements - PR Newswire - March 4th, 2024 [March 4th, 2024]
- #ETFutureForwardME: Hiring and onboarding right with AI and automation, ETHRWorldME - ETHRWorld Middle East - March 4th, 2024 [March 4th, 2024]
- How Document Digitization, Process Automation Can Help Rebuild Trust - GovCIO Media & Research - March 4th, 2024 [March 4th, 2024]
- Iraq's Customs starts using ASYCUDA automation system in Umm Qasr - Iraqi News - March 4th, 2024 [March 4th, 2024]
- Robot Software Market: Powering the Future of Automation ,Analysis and Forecast 2023-2029 - WhaTech - March 4th, 2024 [March 4th, 2024]
- ImageSource Unveils ILINX AI for Intelligent Process Automation - PR Newswire - March 4th, 2024 [March 4th, 2024]
- The Evolving Landscape of APIs: Integration, Automation, and AI - EnterpriseTalk - March 4th, 2024 [March 4th, 2024]
- Gen AI isn't the only tech driving automation in banking - Finextra - March 4th, 2024 [March 4th, 2024]
- Navigating the Future: The Shift Towards Level 3 Automation in the Automotive Industry - Medriva - March 4th, 2024 [March 4th, 2024]
- Automation and Controls Market is Rapidly Growing with Huge Application Scope and Opportunities by 2030 - EIN News - March 4th, 2024 [March 4th, 2024]
- Winning the Game: Essentials skills to survive AI, LLMs and Automation - DataDrivenInvestor - March 4th, 2024 [March 4th, 2024]
- Industrial Metrology Market Set to Hit $17.96 Billion by 2030, Driven by Automation and Quality Demand - BNN Breaking - March 4th, 2024 [March 4th, 2024]
- Automation tools Archives - Milwaukee Community Journal - The Milwaukee Community Journal - March 4th, 2024 [March 4th, 2024]
- Industrial Automation Market to Receive Overwhelming Hike In Revenue That Will Boost Overall Industry Growth - EIN News - March 4th, 2024 [March 4th, 2024]
- Lutra AI launches to make building automated AI workflows easy - SiliconANGLE News - December 9th, 2023 [December 9th, 2023]
- AI meets materials science: the promise and pitfalls of automated discovery - VentureBeat - December 9th, 2023 [December 9th, 2023]
- SPS Fair 2023 - The Latest Industrial Automation Trends - IoT Analytics - December 9th, 2023 [December 9th, 2023]
- Top WorkTech News From the Week of December 8th: Updates from Infor, Automation Anywhere, IFS, and More - Solutions Review - December 9th, 2023 [December 9th, 2023]
- Nividous and RCG Global Services Focus on Empowering Healthcare and Life Sciences Organizations with Intelligent ... - PR Newswire - December 9th, 2023 [December 9th, 2023]
- Automation and Communication to Streamline Deliveries - Supply and Demand Chain Executive - October 27th, 2023 [October 27th, 2023]
- Future of Employment in an Era of Automation - Drishti IAS - October 27th, 2023 [October 27th, 2023]
- From legacy to automation: Spirent's impact on network validation - ETCIO - October 27th, 2023 [October 27th, 2023]
- Genghis Grill Partners with Flybuy on Off-Premises Automation - FSR magazine - October 27th, 2023 [October 27th, 2023]
- Q&A: Workday exec talks hospitality and automated, scalable finance - Smartbrief - October 27th, 2023 [October 27th, 2023]
- Home Automation Market Size to Worth Around USD 788.33 BN by ... - InvestorsObserver - May 15th, 2023 [May 15th, 2023]
- Network automation market set to surge over the next decade - ChannelLife Australia - May 15th, 2023 [May 15th, 2023]
- Mitsubishi Electric agrees strategic investment in Otto Motors to ... - Robotics and Automation News - May 15th, 2023 [May 15th, 2023]
- Roots Automation Introduces InsurGPT - the World's Most Advanced ... - PR Newswire - May 15th, 2023 [May 15th, 2023]
- Research Shows Ways Digital Print and Automation Power Profitability - Printing Impressions - May 15th, 2023 [May 15th, 2023]
- Rockwell Automation Inc. stock outperforms market on strong trading day - MarketWatch - May 15th, 2023 [May 15th, 2023]
- Is It Too Late To Consider Buying Presto Automation Inc. (NASDAQ:PRST)? - Yahoo Finance - May 15th, 2023 [May 15th, 2023]
- U.S. Companies Embrace Automation and Digitization - CPAPracticeAdvisor.com - May 15th, 2023 [May 15th, 2023]
- Byron Centers SpartanNash Ups Customer Service with Robotic ... - DBusiness - May 15th, 2023 [May 15th, 2023]
- Why KYC automation is key to business growth strategies - FinTech Magazine - May 15th, 2023 [May 15th, 2023]
- Leading Ireland & UK Industrial Automation company NeoDyne ... - Process & Control Today - May 15th, 2023 [May 15th, 2023]
- Automation Testing Market: Industry Overview, Size, Share and ... - Digital Journal - May 15th, 2023 [May 15th, 2023]
- Accelerate your speed of business with IBM Event Automation - IBM Newsroom - May 15th, 2023 [May 15th, 2023]
- 3M Brings Innovation to the Manufacturing Supply Chain Environment - MarketScale - May 15th, 2023 [May 15th, 2023]
- Jitterbit Survey Reveals Low-Code Application Platforms Play an ... - GlobeNewswire - May 15th, 2023 [May 15th, 2023]
- Turning value into actions: How leaders can use automation and AI ... - Elite Business Magazine - May 15th, 2023 [May 15th, 2023]
- Automation will combat stagnation | theHRD - The HR Director Magazine - May 15th, 2023 [May 15th, 2023]
- MG Tech Unveils New Palletizer with Yaskawa Cobot and Rockwell ... - Packaging Strategies - May 15th, 2023 [May 15th, 2023]
- How automation technology helped Cainiao deliver more than 200 ... - Parcel and Postal Technology International - May 15th, 2023 [May 15th, 2023]
- IT Priorities 2023: Business automation intensifies as data ... - ComputerWeekly.com - May 15th, 2023 [May 15th, 2023]
- Milking Automation Market Size, Share And Growth Analysis For 2023-2032 - EIN News - May 15th, 2023 [May 15th, 2023]
- Digitise your SMEs for Success: How can HR Automation empower you to Stay Ahead of the Game? - People Matters - May 15th, 2023 [May 15th, 2023]
- Verified acquires Pliance to compliment digital signatures with AML ... - Biometric Update - May 15th, 2023 [May 15th, 2023]
- HireVue acquires Modern Hire to bolster hiring automation capabilities - HR Dive - May 15th, 2023 [May 15th, 2023]
- Advanced thermal imager for industrial automation, inspection ... - AZoM - May 15th, 2023 [May 15th, 2023]
- Warehouse Automation Survey 2023: More robots are coming to a ... - Modern Materials Handling - May 15th, 2023 [May 15th, 2023]
- Agriculture Automation and Control Systems Market Untapped ... - Digital Journal - May 15th, 2023 [May 15th, 2023]
- Himachal Pradesh Government Prioritizes Digitization and ... - TheNewsHimachal - May 15th, 2023 [May 15th, 2023]
- An IT Executive's Guide to Automation - free eGuide - Neowin - May 15th, 2023 [May 15th, 2023]
- Are You Looking for a Top Momentum Pick? Why Rockwell Automation (ROK) is a Great Choice - Zacks Investment Research - February 20th, 2023 [February 20th, 2023]
- Industrial Automation Sensors Market is Predicted to Hit a Revenue of USD 37.76 Billion by Growing with a CAGR of 9.12% During 2022-2028; Growing... - February 20th, 2023 [February 20th, 2023]
- Declining Stock and Decent Financials: Is The Market Wrong About Honeywell Automation India Limited (NSE:HONAUT)? - Simply Wall St - February 20th, 2023 [February 20th, 2023]
- What is Automation? - ISA - International Society of Automation - February 5th, 2023 [February 5th, 2023]
- Free Online PLC Training from AutomationDirect - February 5th, 2023 [February 5th, 2023]
- Investing in Rockwell Automation (NYSE:ROK) five years ago would have delivered you a 65% gain - Simply Wall St - February 5th, 2023 [February 5th, 2023]
- The Robotic Process Automation (RPA) Market size was valued at USD 2.27 billion in 2021 and is predicted to reach USD 18.69 billion by 2030, with a... - January 10th, 2023 [January 10th, 2023]
- Bill would give North Dakota manufacturers a tax break on automation - The Center Square - January 10th, 2023 [January 10th, 2023]
- I just watched McDonald's next step into automation and why are you so mad about it? - ZDNet - January 10th, 2023 [January 10th, 2023]
- What if your colleague is a bot? Harnessing the benefits of workplace automation without alienating staff - The Conversation - January 10th, 2023 [January 10th, 2023]
- Will Hollysys Automation Technologies Ltd (HOLI) Stay at the Top of the Industrials Sector? - InvestorsObserver - January 10th, 2023 [January 10th, 2023]
- Valmet Oyj : to supply automation to three waste-to-energy plants in Sungnam City, Korea - Marketscreener.com - January 10th, 2023 [January 10th, 2023]
- How Automation Can Bridge The Gap Between Internal Operations And Customer Service Excellence - Forbes - December 26th, 2022 [December 26th, 2022]
- The Global Industrial Automation And Control Systems Market size is expected to reach $301.8 billion by 2028, rising at a market growth of 10.0% CAGR... - December 26th, 2022 [December 26th, 2022]
- Introducing the Automation Kit for Power Platform - December 16th, 2022 [December 16th, 2022]
- Salesforce com : Launches Automation Everywhere Bundle to Help Companies Lower Costs, Boost Productivity, and Deliver Success Now - Marketscreener.com - December 2nd, 2022 [December 2nd, 2022]
- ACE Convergence Acquisition Corp. and Tempo Automation, Inc. Announce Closing of Business Combination; Tempo Automation Holdings, Inc. to Trade on... - November 27th, 2022 [November 27th, 2022]
- Global automation major Diebold Nixdorf expands presence in India with Bengaluru facility - The Economic Times - November 27th, 2022 [November 27th, 2022]
- Structural Health Monitoring Market Report 2022: Increasing Requirement for Standardization and Automation for the Repair and Maintenance of Civil and... - November 19th, 2022 [November 19th, 2022]
- The mining automation market size is expected to grow from USD 3.1 billion in 2022 to USD 4.2 billion by 2027; it is expected to grow at a CAGR of... - November 19th, 2022 [November 19th, 2022]
- Cisco study: Network teams look to SDN, automation to manage multicloud operations - Network World - November 16th, 2022 [November 16th, 2022]