Changing the paradigm again…
- Friday, January 23, 2009, 16:58
- Threat Research
- 0 views
In my travels and discussions with CIOs, CISOs and Risk & Compliance Officers, I hear time and again how companies struggle with a lack of time, resources and expertise when performing IT audits. I have a name for this condition - “audit fatigue,” where massive efforts are devoted to complete multiple IT security audits. Also, in an environment where cost containment is an absolute must, having to purchase additional infrastructure (such as consoles, agent technology, software distribution and reporting tools) is often not a valid option. This is why the Risk & Compliance Business Unit at McAfee has developed a new solution for simplifying IT audits and demonstrating compliance. We call this our Total Protection for Compliance Solution, or ToPS for Compliance.
ToPS for Compliance simplifies the tasks associated with performing IT audits through integration of two previously separate approaches - agentless and agent-based policy audits. We have eliminated the need for companies to decide between these two approaches, or worse, to deploy multiple products at increased cost and complexity. With ToPS for Compliance, a unified IT policy benchmark is utilized for both managed assets (those with an agent) and unmanaged assets (those without). The audit process is radically simple - discover assets, select benchmarks, assign assets, execute the audit across both managed and unmanaged assets together, then view the combined results. Because ToPS for Compliance uses the security management infrastructure (McAfee ePolicy Orchestrator) already in place at many customer sites, existing agents, consoles and reports are leveraged for
...Read the original story
