|
Source: SecurityPipeline - Posted by Benjamin D. Thomas
|
When software designed to manage the loads of information collected from security systems debuted a few years ago, its high cost and complexity stood in the way of its adoption. Yet for some businesses, managing such data is now a requirement in order to comply with government regulations on the collection and retention of data.
Nowhere is this pressure felt more than in the health-care and financial-services markets. Take Genesis HealthCare, which finds itself needing to comply with state data privacy laws in the 12 states where it operates, in addition to compliance with various federal laws. "Firewalls alone produce reams of [data] logs per week," says Bruce Forman, director of information security for the $1.5 billion-a-year health-care provider, which has more than 200 locations, 400 servers, and 38,000 employees.
Once companies get past the up-front investment, security-management software can save them time and money by automating controls that make sure their systems are in compliance. It will let users, for example, check to see if a setting on a password policy is compliant with the company's overall password policy or if an FTP event is starting on a server where it's not supposed to. "Security information- and event-management software isn't new; the main thing that's changed is that now we're in a world that's more heavily regulated," Forman says.
Read this full article at SecurityPipeline
Only registered users can write comments.
Please login or register. Powered by AkoComment! |
