3 Reasons Why IT puts Us at Risk by Phil Godwin


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

3 Reasons Why IT puts Us at Risk by Phil Godwin

  1. 1. 3 Reasons why IT puts us at risk by Phil Godwin, VP of Sales, Clear TechnologiesOur economic environment is still in a fragile oriented. Even so, they do not like to performstate. Although we see signs of recovery, a brainless tasks. Log management falls into thatmajority of our customers are in the process of, category as an IT person would have to pourand seem to be relishing in cost containment. through reams of data and somehow correlateOne area that has, in recent years, impeded and weight each security risk, which is a trulycost containment is data breaches. tedious task.According to a recent study, the cost per No time to ensure uptime; no time to preventcompromised customer record is $204 and the downtime. IT runs your operations. On any givenaverage total cost of a data breach is $6.75 day, they are performing multiple tasks thatmillion. As a result, log management, because it stretch their skills to the limit. Alreadyacts as a great first-line of defense against a overworked, one IT administrator stated that hedata breach, is a task that is constantly playing is responsible for maintaining a service level ofin the minds of IT and security professionals and 98% for his 900 users, and maintaining/reviewingexecutives. Yet, all too often, analyzing logs is log data. But, he is only merited based on hisseldom adequately performed. In its service level performance. Consequently, hepublication, “Guide to Computer Security Log seldom manages and reviews his logs andManagement”, The National Institute of hopes that an incident will not bring down hisStandards and Technology (NIST) identified two system.major problems with log management. The firstproblem is that of “balancing a limited quantity “NAH”. Weve all heard the phrase "NIH", notof log management resources with a invented here. However, with IT staff, wecontinuous supply of log data.” The second is constantly witness a belief system of “NAH", notthat of “ensuring that security, system and affected here. Because of the limited time andnetwork administrators regularly perform multiple demands placed on an IT staff, manyefficient and effective analysis of log data.” are forced to hope and believe for the best. One IT analyst confided to us he hoped toAt one of our recent customer visits, an IT never have a breach since a breach wouldexecutive was sharing his ongoing frustration bring down his contract manufacturing line andwith log management and analysis. To cost about $25,000 an hour in lost productivitycomplicate matters, he stated that the laws, and on-time delivery performance.regulations, and mandates on companies of allsizes have made analyzing logs a necessity. He The Solution. Log data management is tooshared that although his company had both important of a task to be overlooked. In order tothe human and technology assets to perform ensure adherence to laws and potential costs,the analysis; his team could not, in a repetitive IT executives must first understand, address, andand timely manner, because of the difficulty in resolve the human factors that inhibit thisperforming the task. important task. A great way to help to counteract these three behavioral issues is toDespite his frustration, we probed further to find provide your IT staff with the right solution toout what drives this complexity. We were their problem in order to resolve your problem.surprised to learn that three factors, beyond theones delineated by the NIST, influence why logmanagement and analysis is not performed: it istedious, time consuming, and too abstract totend to.No one likes tedious work. Most IT personnel aregeneralized as being task versus people- About Clear Technologies. Since 1993, Clear’s customers have relied on them to meet their hardware needs. Today, their customers look to them to increase their organizational effectiveness by providing continuity, infrastructure, security, and virtualization solutions. Based in Coppell, Texas, Van can be reached at www.cleartechnologies.net/DynamicLogAnalysis or (972) 906 -7500 or pgodwin@cleartechnologies.net.