The megatrends of consumerization, mobile, social, and cloud are radically transforming the relationship between IT, the business, and individual users.
Nowadays, IT security is the biggest obstacle in adopting new information technologies while they are the most important factor of competitiveness.
Nowadays, companies concentrate their IT security resources to controlling tools and to external risk factors. But the ‘control’ itself isn’t enough, sometimes even harmful. We will show that you should put more emphasis on observation and - in case of internal users - mitigation of control. We present you the eCSI, an out-of-the-box security concept for facing this problem and to solve it business-friendly without bad compromises.
Access control defeats its own purpose way too often. Because of its inflexibility it is not able to eliminate breaches, though it can seem a very appropriate response. In most cases, IT security is set into a bad compromise where it cannot encumber a determined attacker but moderately push the business back.
Our eCSI concept is very similar to Gartner’s “Security Free State” concept. They also name it people centric security. I borrowed this slide from Gartner to present you the benefits of a monitoring based security concept.
What you need is a written policy with sanctions and the knowledge what is happening.
Control tools are the most simple and popular tools for prevention. But as we mentioned
The observation (or intelligence) system can be used both for forensics and prevention. The different is only in the data processing. A quick forensics of a suspicious event opens the door to prevent a real incident.
eCSI - The Agile IT security
The Agile IT security
Today: overweight of control
Tomorrow: contextual security
The benefits of contextual security
WHAT YOU NEED IS:
BalaBit eCSI Suite
Syslog-ng Shell Control Box
• Reliable logging
• Wide range of sources
• Independent data source
• Detailed footage
• Control functions
• Social network model
• Real-time dashboards
• Priority list
• Zoom function
• Run-on authentication
• Privacy warranty