Sunday, August 31, 2014

4 Reasons Why ITIL = Security

By Justin C Miller
Posted 8/31/2014

I would like to propose that ITIL done right can improve your company's security and increase your IT security team's efficiency and effectiveness. How, you ask? I'm about to tell you.

Skeptical and concerned about your own team being drowned in paperwork every time you want to introduce a new fun security tool into your production environment? Get over it ... the benefits far outweigh any hassle you may dream up. I'd argue you need to set a good example and document your activity anyway.

So let's get to the goods. How is it that your company adopting ITIL will make your security team look amazing?

Here are 4 key concepts I think prove my point ...

#1 - ITIL builds an amazing and powerful CMDB that gives you an accurate blueprint of what services, applications, users, and devices your company has. Sweet, you've just been handed a list of what you have to protect and somebody else is going to maintain it for you! Need I say more?

#2 - ITIL gives you this amazing concept of Change Management. Every time anything in your production environment is about to change, you are given a set of documents showing what is changing, why, when, by whom, and how they'll back it out if it fails. Even better, your advisory board meetings give you a chance to review these changes and voice your opinion on them before they go live. Now do this in parallel with file integrity monitoring and suddenly you're able to identify immediately, and without a doubt, whether changes made to a Production environment are suspicious or expected.

#3 - ITIL gives you day-to-day Incident management. Why is this good? You suddenly have your entire company monitoring your environment for abnormalities and documenting what they've seen. This can come in real handy when identifying and trying to correlate events because somebody will have noticed something and documented it.

#4 - ITIL goes one step beyond Incident management. It moves you into the awesome realm of Problem Management. Why do you care? Because problem management means things are going to get researched and dug into until a root cause is found. No more sweeping things under the rug or putting out the fire without determining who started the fire in the first place. This is extremely useful because you'll learn whether an Incident was caused by a technical issue or whether, heaven forbid, the root cause traces back to some sort of security breach.
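The pairing described in #2, change records checked against file integrity monitoring, can be sketched as follows. This is an added example, not code from the original post; the record fields (`id`, `host`, `paths`, `start`, `end`), the ticket IDs, and all sample data are constructed assumptions rather than the schema of any particular ITSM or FIM product.

```python
from datetime import datetime
from fnmatch import fnmatch

# Constructed sample data: approved change records as signed off by the advisory board.
CHANGES = [
    {"id": "CHG-EXAMPLE-1", "host": "web01", "paths": ["/etc/nginx/*"],
     "start": "2014-08-30T22:00", "end": "2014-08-31T00:00"},
    {"id": "CHG-EXAMPLE-2", "host": "db01", "paths": ["/opt/app/bin/*"],
     "start": "2014-08-31T01:00", "end": "2014-08-31T03:00"},
]
# Constructed sample data: file integrity monitoring alerts.
FIM_EVENTS = [
    {"host": "web01", "path": "/etc/nginx/nginx.conf", "time": "2014-08-30T22:15"},
    {"host": "web01", "path": "/etc/passwd", "time": "2014-08-30T22:20"},
    {"host": "db01", "path": "/opt/app/bin/server", "time": "2014-08-31T04:10"},
    {"host": "app02", "path": "/usr/bin/sudo", "time": "2014-08-31T02:00"},
]

def _ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M")

def classify(event, changes):
    """Return (verdict, change_id, reason) for one FIM event."""
    when = _ts(event["time"])
    near = None  # best partial match: right host, but wrong path or wrong time
    for chg in changes:
        if chg["host"] != event["host"]:
            continue
        in_scope = any(fnmatch(event["path"], p) for p in chg["paths"])
        in_window = _ts(chg["start"]) <= when <= _ts(chg["end"])
        if in_scope and in_window:
            return ("expected", chg["id"], "matches approved change")
        if in_scope:
            near = ("suspicious", chg["id"], "in scope but outside change window")
        elif in_window and near is None:
            near = ("suspicious", chg["id"], "during change window but path not in scope")
    return near or ("suspicious", None, "no change record for this host")

def triage(events, changes):
    return [(e["host"], e["path"]) + classify(e, changes) for e in events]

if __name__ == "__main__":
    for row in triage(FIM_EVENTS, CHANGES):
        print(row)
```

Only a modification that matches an approved change on host, path, and time window is treated as expected; everything else keeps the nearest change ID so an analyst can see why it did not match.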

ITIL done wrong is a money-sucking train wreck. But ITIL done right is amazing. Your IT security team should embrace it and champion it, get everybody on board and make it a success!

