Security Monitoring Strategies
Creating a unified, enterprise-wide security monitoring strategy for any organization must be based on a series of strategic goals and objectives that encompass every functional area and system of a business. The intent of this analysis is to define the objectives that must anchor a security monitoring strategy to ensure its success, followed by specific recommendations for security monitoring of each major functional area.
Defining Security Monitoring Strategies
For an enterprise-wide security management strategy to be successful, the monitoring systems and processes must seek to accomplish three key strategic tasks. These tasks include improving situational awareness, proactive risk management and robust crisis and security incident management (Gellis, 2004). With these three objectives as the basis of the security monitoring strategies and recommended courses of action, an organization will be able to withstand security threats and interruptions while attaining its objectives.
Beginning with the internal systems including Accounts Payable, Accounts Receivable, Inventory, General Ledger, and Human Resources, monitoring needs to be designed to capture strategic threats at the operating system and application level to be effective (Nagaratnam, Nadalin, Hondo, McIntosh, Austel, 2005). Each of the applications in these areas of enterprise software is designed to be used in the context of user's roles and information needs. Restricting access to sensitive information by role as defined in these applications is critical to the monitoring of resources and their effectiveness in delivering value to the organization (Gordon, Loeb, Tseng, 2009). Creating a governance framework hat can provide for enough role-based flexibility while monitoring overall performance is critical for an organization to keep accomplishing its goals while also staying secure (Khoo, Harris, Hartman, 2010).
Often the many internal systems of a business...
Many organizations use Enterprise Resource Planning (ERP) system to unify these many systems into a single system of record to make security management and monitoring more cost-effective (Gellis, 2004). For the many internal IT systems that require IT monitoring, integrating them into a common system of record is also critical as it allows for auditing of cross-system and intra-system transactions. Too often organizations fail in their security monitoring strategies by allowing silos of systems to dominate their overall IT architecture (Nagaratnam, Nadalin, Hondo, McIntosh, Austel, 2005). By applying security monitoring at both the strategic IT level including the system of record and at the role-based access level of each application, organizations can attain a 360-degree level of system monitoring compliance and threat assessment.
Having an integrated system security structure also allows for more effective risk management strategies including the ability to isolate and act on security incidents more effectively than siloed systems allow for. Each of the mission-critical systems within a business, encompassing Accounts Payable, Accounts Receivable, Inventory, General Ledger, and Human Resources rely on integration with systems and processes external to the company as well. Integrating to systems outside the organization also present risks to the entire organization as well. These external integration links, whether automated through the use of advanced system technologies or defined through the use of logins and passwords, must be monitoring and audited as well (Gellis, 2004).
The risks and need for security are amplified by the use of Internet-based marketing, sales and e-commerce systems (Kesh, Ramanujan, Nerur, 2002). Monitoring of these applications is more challenging as they are open to the public. The first area of monitoring is on security authentication and attempts to break into sales,…
