Continuous Compliance: Continuous Iteration
March 21, 2019

Jonathan Eropkin
2nd Watch

Share this

For most students, exam days are one of the most stressful experiences of their educational careers. Exams are a semi-public declaration of your ability to learn, absorb and regurgitate the curriculum, and while the rewards for passing are rather mundane, the ramifications of failure are tremendous.

My educational experience indicates that exam success is primarily due to preparation, with a fair bit of luck. If you were like me in school, exam preparation consisted mostly of cramming, with a heavy reliance on hope that the hours spent jamming material into my brain would cover at least 70% of the exam contents.

After I left my education career behind me and started down a path in business technology, I was rather dismayed to find that the anxiety of testing and exams continued, but in the form of IT audits. Oddly enough, the recipe for audit success was remarkably similar: a heavy dose of preparation combined with luck.

It seems that many businesses adhere to my cram-for-the-exam IT audit approach. Despite full knowledge and disclosure of the due dates and subject material, IT audit preparation in most companies I've encountered largely consists of ignoring it until the last minute, followed by a flurry of activity, stress, anxiety and panic.

Not surprisingly, there's a better way to do this. Both simple and complex problems can often be attacked and solved through iteration, including achieving a defined compliance level in complex IT systems. Achieving audit compliance within your IT ecosystem can be an iterative process, and it doesn't have to be compressed into the five days before the audit is due. Following is a four-step process I use to guide clients through the process of preparing for and successfully completing IT audits.

1. Define

The first step is to clearly define what we are trying to achieve. Start big-picture and then drill down into something much smaller and achievable. This will accomplish two things:

■ Build some confidence that we can do this.

■ Using what we will do here, we can "drill up" and tackle a similar problem using the same pattern.

Here is a basic example of starting big-picture and drilling down to an achievable goal: we need to monitor all logs in our organization (too large); we need to monitor authentication logs in our organization (still too large); we need to monitor network user authentication logs in our organization (getting closer); we need to monitor failed network user authentication logs in our organization (bingo!).

2. Identify and Recognize

Given that we are going to monitor failed user logons, we need a way to do this. There are manual ways to achieve it but given that we will be doing this over and over, it's obvious that this needs to be automated. Here is where tooling comes into play. Spend some time identifying tools that can help with log aggregation and management, then find a way to automate the monitoring of failed network user authentication logs.

3. Notify and Remediate

Now that we have an automated way to aggregate and manage failed network user authentication logs, we need to look at our (small and manageable) defined goal and perform the necessary notifications and remediations to meet the requirement. Again, this will need to be repeated over and over, so spend some time identifying automated tools that can help with this process.

4. Analyze and Report

Now that we are meeting the notification and remediation requirements in a repeatable and automated fashion, we need to analyze and report on the effectiveness of our remedy and, based on the analysis, make necessary improvements to the process.

The iteration (repetitive process) is simple. The scope and execution of the iteration is where things tend to break down. The key to successful iterations starts with defining and setting realistic goals. When in doubt, keep the goals small. The idea here is being able to achieve the goal repeatedly and quickly, with the ability to refine the process to improve the results. No more cramming for this particular compliance requirement, we are now handling it continuously.

Jonathan Eropkin is a Managing Consultant at 2nd Watch
Share this

The Latest

October 21, 2019

An effective breakpoint strategy helps deliver sharp, properly sized images, which are some of the most compelling pieces of content on a web page. Lack of such a strategy can lead to jagged images or ones that take too long to render due to excessive size, potentially reducing the overall effectiveness of web pages — and driving down the quality of the user experience. In this blog, we will explore just how significant image breakpoints are to businesses, and some important device-related factors to consider in image breakpoint decisions to deliver the optimally-sized web image every time ...

October 17, 2019

As the data generated by organizations grows, APM tools are now required to do a lot more than basic monitoring of metrics. Modern data is often raw and unstructured and requires more advanced methods of analysis. The tools must help dig deep into this data for both forensic analysis and predictive analysis. To extract more accurate and cheaper insights, modern APM tools use Big Data techniques to store, access, and analyze the multi-dimensional data ...

October 16, 2019

Modern enterprises are generating data at an unprecedented rate but aren't taking advantage of all the data available to them in order to drive real-time, actionable insights. According to a recent study commissioned by Actian, more than half of enterprises today are unable to efficiently manage nor effectively use data to drive decision-making ...

October 15, 2019

According to a study by Forrester Research, an enhanced UX design can increase the conversion rate by 400%. If UX has become the ultimate arbiter in determining the success or failure of a product or service, let us first understand what UX is all about ...

October 10, 2019

The requirements of an APM tool are now much more complex than they've ever been. Not only do they need to trace a user transaction across numerous microservices on the same system, but they also need to happen pretty fast ...